Spring Boot Reference Guide

Authors

Copies of this document may be made for your own use and for distribution to
others, provided that you do not charge any fee for such copies and further
provided that each copy contains this Copyright Notice, whether distributed in
print or electronically.

Part I. Spring Boot Documentation

This section provides a brief overview of Spring Boot reference documentation. Think of
it as map for the rest of the document. You can read this reference guide in a linear
fashion, or you can skip sections if something doesn’t interest you.

1. About the documentation

Copies of this document may be made for your own use and for
distribution to others, provided that you do not charge any fee for such copies and
further provided that each copy contains this Copyright Notice, whether distributed in
print or electronically.

2. Getting help

Having trouble with Spring Boot, We’d like to help!

Try the How-to’s — they provide solutions to the most common
questions.

Learn the Spring basics — Spring Boot is builds on many other Spring projects, check
the spring.io web-site for a wealth of reference documentation. If
you are just starting out with Spring, try one of the guides.

Part II. Getting started

If you’re just getting started with Spring Boot, or Spring in general, this is the section
for you! Here we answer the basic “what?”, “how?” and “why?” questions. You’ll
find a gentle introduction to Spring Boot along with installation instructions.
We’ll then build our first Spring Boot application, discussing some core principles as
we go.

8. Introducing Spring Boot

Spring Boot makes it easy to create stand-alone, production-grade Spring based
Applications that you can “just run”. We take an opinionated view of the Spring
platform and third-party libraries so you can get started with minimum fuss. Most Spring
Boot applications need very little Spring configuration.

You can use Spring Boot to create Java applications that can be started using java -jar
or more traditional war deployments. We also provide a command line tool that runs
“spring scripts”.

Our primary goals are:

Provide a radically faster and widely accessible getting started experience for all
Spring development.

Be opinionated out of the box, but get out of the way quickly as requirements start to
diverge from the defaults.

Provide a range of non-functional features that are common to large classes of projects
(e.g. embedded servers, security, metrics, health checks, externalized configuration).

Absolutely no code generation and no requirement for XML configuration.

9. Installing Spring Boot

Spring Boot can be used with “classic” Java development tools or installed as a command
line tool. Regardless, you will need Java SDK v1.6 or higher. You
should check your current Java installation before you begin:

$ java -version

If you are new to Java development, or if you just want to experiment with Spring Boot
you might want to try the Spring Boot CLI first,
otherwise, read on for “classic” installation instructions.

Tip

Although Spring Boot is compatible with Java 1.6, if possible, you should consider
using the latest version of Java.

9.1 Installation instructions for the Java developer

You can use Spring Boot in the same way as any standard Java library. Simply include the
appropriate spring-boot-*.jar files on your classpath. Spring Boot does not require
any special tools integration, so you can use any IDE or text editor; and there is
nothing special about a Spring Boot application, so you can run and debug as you would
any other Java program.

Although you could just copy Spring Boot jars, we generally recommend that you use a
build tool that supports dependency management (such as Maven or Gradle).

9.1.1 Maven installation

Spring Boot is compatible with Apache Maven 3.0 or above. If you don’t already have Maven
installed you can follow the instructions at http://maven.apache.org.

Tip

On many operating systems Maven can be installed via a package manager. If you’re an
OSX Homebrew user try brew install maven. Ubuntu users can run
sudo apt-get install maven.

Spring Boot dependencies use the org.springframework.bootgroupId. Typically your
Maven POM file will inherit from the spring-boot-starter-parent project and declare
dependencies to one or more “Starter
POMs”. Spring Boot also provides an optional
Maven plugin to create
executable jars.

The spring-boot-starter-parent is a great way to use Spring Boot, but it might
not be suitable all of the time. Sometimes you may need to inherit from a different
parent POM, or you might just not like our default settings. See
Section 12.1.2, “Using Spring Boot without the parent POM” for an alternative solution that uses an import
scope.

9.1.2 Gradle installation

Spring Boot is compatible with Gradle 1.6 or above. If you don’t already have Gradle
installed you can follow the instructions at http://www.gradle.org/.

Spring Boot dependencies can be declared using the org.springframework.bootgroup.
Typically your project will declare dependencies to one or more
“Starter POMs”. Spring Boot
provides a useful Gradle plugin
that can be used to simplify dependency declarations and to create executable jars.

9.2 Installing the Spring Boot CLI

The Spring Boot CLI is a command line tool that can be used if you want to quickly
prototype with Spring. It allows you to run Groovy scripts,
which means that you have a familiar Java-like syntax, without so much boilerplate code.

You don’t need to use the CLI to work with Spring Boot but it’s definitely the quickest
way to get a Spring application off the ground.

9.2.1 Manual installation

You can download the Spring CLI distribution from the Spring software repository:

Once downloaded, follow the INSTALL.txt
instructions from the unpacked archive. In summary: there is a spring script
(spring.bat for Windows) in a bin/ directory in the .zip file, or alternatively you
can use java -jar with the .jar file (the script helps you to be sure that the
classpath is set correctly).

9.2.2 Installation with GVM

GVM (the Groovy Environment Manager) can be used for managing multiple versions of
various Groovy and Java binary packages, including Groovy itself and the Spring Boot CLI.
Get gvm from http://gvmtool.net and install Spring Boot with

This will install a local instance of spring called the dev instance inside your gvm
repository. It points at your target build location, so every time you rebuild Spring
Boot, spring will be up-to-date.

9.2.3 OSX Homebrew installation

If you are on a Mac and using Homebrew, all you need to do to install
the Spring Boot CLI is:

$ brew tap pivotal/tap
$ brew install springboot

Homebrew will install spring to /usr/local/bin.

Note

If you don’t see the formula, your installation of brew might be out-of-date.
Just execute brew update and try again.

9.2.4 Command-line completion

Spring Boot CLI ships with scripts that provide command completion for
BASH and
zsh shells. You can source the script (also named
spring) in any shell, or put it in your personal or system-wide bash completion
initialization. On a Debian system the system-wide scripts are in /shell-completion/bash
and all scripts in that directory are executed when a new shell starts. To run the script
manually, e.g. if you have installed using GVM

9.3 Upgrading from an earlier version of Spring Boot

If you are upgrading from an earlier release of Spring Boot check the “release notes”
hosted on the project wiki. You’ll find upgrade instructions along with
a list of “new and noteworthy” features for each release.

This should give you a working build, you can test it out by running mvn package (you
can ignore the “jar will be empty - no content was marked for inclusion!” warning for
now).

Note

At this point you could import the project into an IDE (most modern Java IDE’s
include built-in support for Maven). For simplicity, we will continue to use a plain
text editor for this example.

10.2 Adding classpath dependencies

Spring Boot provides a number of “Starter POMs” that make easy to add jars to your
classpath. Our sample application has already used spring-boot-starter-parent in the
parent section of the POM. The spring-boot-starter-parent is a special starter
that provides useful Maven defaults. It also provides a dependency-management section
so that you can omit version tags for “blessed” dependencies.

Other “Starter POMs” simply provide dependencies that you are likely to need when
developing a specific type of application. Since we are developing a web application, we
will add a spring-boot-starter-web dependency — but before that, let’s look at what we
currently have.

$ mvn dependency:tree
[INFO] com.example:myproject:jar:0.0.1-SNAPSHOT

The mvn dependency:tree command prints tree representation of your project dependencies.
You can see that spring-boot-starter-parent provides no
dependencies by itself. Let’s edit our pom.xml and add the spring-boot-starter-web dependency
just below the parent section:

If you run mvn dependency:tree again, you will see that there are now a number of
additional dependencies, including the Tomcat web server and Spring Boot itself.

10.3 Writing the code

To finish our application we need to create a single Java file. Maven will compile sources
from src/main/java by default so you need to create that folder structure, then add a
file named src/main/java/Example.java:

Although there isn’t much code here, quite a lot is going on. Let’s step though the
important parts.

10.3.1 The @RestController and @RequestMapping annotations

The first annotation on our Example class is @RestController. This is known as a
stereotype annotation. It provides hints for people reading the code, and for Spring,
that the class plays a specific role. In this case, our class is a web @Controller so
Spring will consider it when handling incoming web requests.

The @RequestMapping annotation provides “routing” information. It is telling Spring
that any HTTP request with the path "/" should be mapped to the home method. The
@RestController annotation tells Spring to render the resulting string directly
back to the caller.

Tip

The @RestController and @RequestMapping annotations are Spring MVC
annotations (they are not specific to Spring Boot). See the
MVC section in the Spring
Reference Documentation for more details.

10.3.2 The @EnableAutoConfiguration annotation

The second class-level annotation is @EnableAutoConfiguration. This annotation tells
Spring Boot to “guess” how you will want to configure Spring, based on the jar
dependencies that you have added. Since spring-boot-starter-web added Tomcat and
Spring MVC, the auto-configuration will assume that you are developing a web application
and setup Spring accordingly.

Starter POMs and Auto-Configuration

Auto-configuration is designed to work well with “Starter POMs”, but the two concepts
are not directly tied. You are free to pick-and-choose jar dependencies outside of the
starter POMs and Spring Boot will still do its best to auto-configure your application.

10.3.3 The “main” method

The final part of our application is the main method. This is just a standard method
that follows the Java convention for an application entry point. Our main method delegates
to Spring Boot’s SpringApplication class by calling run. SpringApplication will
bootstrap our application, starting Spring which will in turn start the auto-configured
Tomcat web server. We need to pass Example.class as an argument to the run method to
tell SpringApplication which is the primary Spring component. The args array is also
passed through to expose any command-line arguments.

10.4 Running the example

At this point our application should work. Since we have used the
spring-boot-starter-parent POM we have a useful run goal that we can use to start
the application. Type mvn spring-boot:run from the root project directory to start the
application:

10.5 Creating an executable jar

Let’s finish our example by creating a completely self-contained executable jar file that
we could run in production. Executable jars (sometimes called “fat jars”) are archives
containing your compiled classes along with all of the jar dependencies that your code
needs to run.

Executable jars and Java

Java does not provide any standard way to load nested jar files (i.e. jar files that are
themselves contained within a jar). This can be problematic if you are looking to
distribute a self-contained application.

To solve this problem, many developers use “shaded” jars. A shaded jar simply packages
all classes, from all jars, into a single “uber jar”. The problem with shaded jars is that
it becomes hard to see which libraries you are actually using in your application. It can
also be problematic if the the same filename is used (but with different content) in
multiple jars.

The spring-boot-starter-parent POM includes <executions> configuration to
bind the repackage goal. If you are not using the parent POM you will need to declare
this configuration yourself. See the plugin
documentation for details.

11. What to read next

Hopefully this section has provided you with some of the Spring Boot basics, and got you
on your way to writing your own applications. If you’re a task-oriented type of
developer you might want to jump over to http://spring.io and check out some of the
getting started guides that solve specific
“How do I do that with Spring” problems; we also have Spring Boot-specific
How-to reference documentation.

Part III. Using Spring Boot

This section goes into more detail about how you should use Spring Boot. It covers topics
such as build systems, auto-configuration and run/deployment options. We also cover some
Spring Boot best practices. Although there is nothing particularly special about
Spring Boot (it is just another library that you can consume), there are a few
recommendations that, when followed, will make your development process just a
little easier.

If you’re just starting out with Spring Boot, you should probably read the
Getting Started guide before diving into
this section.

12. Build systems

It is strongly recommended that you choose a build system that supports dependency
management, and one that can consume artifacts published to the “Maven Central”
repository. We would recommend that you choose Maven or Gradle. It is possible to get
Spring Boot to work with other build systems (Ant for example), but they will not be
particularly well supported.

12.1 Maven

Maven users can inherit from the spring-boot-starter-parent project to obtain sensible
defaults. The parent project provides the following features:

Java 1.6 as the default compiler level.

UTF-8 source encoding.

A Dependency Management section, allowing you to omit <version> tags for common
dependencies, inherited from the spring-boot-dependencies POM.

You should only need to specify the Spring Boot version number on this dependency.
If you import additional starters, you can safely omit the version number.

12.1.2 Using Spring Boot without the parent POM

Not everyone likes inheriting from the spring-boot-starter-parent POM. You may have your
own corporate standard parent that you need to use, or you may just prefer to explicitly
declare all your Maven configuration.

If you don’t want to use the spring-boot-starter-parent, you can still keep the benefit
of the dependency management (but not the plugin management) by using a scope=import
dependency:

12.4 Starter POMs

Starter POMs are a set of convenient dependency descriptors that you can include in your
application. You get a one-stop-shop for all the Spring and related technology that you
need, without having to hunt through sample code and copy paste loads of dependency
descriptors. For example, if you want to get started using Spring and JPA for database
access, just include the spring-boot-starter-data-jpa dependency in your project, and
you are good to go.

The starters contain a lot of the dependencies that you need to get a project up and
running quickly and with a consistent, supported set of managed transitive dependencies.

What’s in a name

All starters follow a similar naming pattern; spring-boot-starter-*, where * is
a particular type of application. This naming structure is intended to help when you need
to find a starter. The Maven integration in many IDEs allow you to search dependencies by
name. For example, with the appropriate Eclipse or STS plugin installed, you can simply
hit ctrl-space in the POM editor and type 'spring-boot-starter' for a complete list.

The following application starters are provided by Spring Boot under the
org.springframework.boot group:

Support for the “Advanced Message Queuing Protocol” via spring-rabbit.

spring-boot-starter-aop

Support for aspect-oriented programming including spring-aop and AspectJ.

spring-boot-starter-batch

Support for “Spring Batch” including HSQLDB database.

spring-boot-starter-data-elasticsearch

Support for the Elasticsearch search and analytics engine including
spring-data-elasticsearch.

spring-boot-starter-data-gemfire

Support for the GemFire distributed data store including spring-data-gemfire.

spring-boot-starter-data-jpa

Support for the “Java Persistence API” including spring-data-jpa, spring-orm
and Hibernate.

spring-boot-starter-data-mongodb

Support for the MongoDB NoSQL Database, including spring-data-mongodb.

spring-boot-starter-data-rest

Support for exposing Spring Data repositories over REST via spring-data-rest-webmvc.

spring-boot-starter-data-solr

Support for the Apache Solr search platform, including spring-data-solr.

spring-boot-starter-freemarker

Support for the FreeMarker templating engine

spring-boot-starter-groovy-templates

Support for the Groovy templating engine

spring-boot-starter-hornetq

Support for “Java Message Service API” via HornetQ.

spring-boot-starter-integration

Support for common spring-integration modules.

spring-boot-starter-jdbc

JDBC Database support.

spring-boot-starter-mobile

Support for spring-mobile

spring-boot-starter-redis

Support for the REDIS key-value data store, including spring-redis.

spring-boot-starter-security

Support for spring-security.

spring-boot-starter-social-facebook

Support for spring-social-facebook.

spring-boot-starter-social-linkedin

Support for spring-social-linkedin.

spring-boot-starter-social-twitter

Support for spring-social-twitter.

spring-boot-starter-test

Support for common test dependencies, including JUnit, Hamcrest and Mockito along with
the spring-test module.

spring-boot-starter-thymeleaf

Support for the Thymeleaf templating engine, including integration with Spring.

spring-boot-starter-velocity

Support for the Velocity templating engine

spring-boot-starter-web

Support for full-stack web development, including Tomcat and spring-webmvc.

spring-boot-starter-websocket

Support for websocket development with Tomcat.

spring-boot-starter-ws

Support for Spring Web Services

In addition to the application starters, the following starters can be used to
add production ready features.

Table 12.2. Spring Boot production ready starters

Name

Description

spring-boot-starter-actuator

Adds production ready features such as metrics and monitoring.

spring-boot-starter-remote-shell

Adds remote ssh shell support.

Finally, Spring Boot includes some starters that can be used if you want to exclude or
swap specific technical facets.

Table 12.3. Spring Boot technical starters

Name

Description

spring-boot-starter-jetty

Imports the Jetty HTTP engine (to be used as an alternative to Tomcat)

spring-boot-starter-log4j

Support the Log4J logging framework

spring-boot-starter-logging

Import Spring Boot’s default logging framework (Logback).

spring-boot-starter-tomcat

Import Spring Boot’s default HTTP engine (Tomcat).

Tip

For a list of additional community contributed starter POMs, see the
README file in the
spring-boot-starters module on GitHub.

13. Structuring your code

Spring Boot does not require any specific code layout to work, however, there are some
best practices that help.

13.1 Using the “default” package

When a class doesn’t include a package declaration it is considered to be in the
“default package”. The use of the “default package” is generally discouraged, and
should be avoided. It can cause particular problems for Spring Boot applications that
use @ComponentScan or @EntityScan annotations, since every class from every jar,
will be read.

Tip

We recommend that you follow Java’s recommended package naming conventions
and use a reversed domain name (for example, com.example.project).

13.2 Locating the main application class

We generally recommend that you locate your main application class in a root package
above other classes. The @EnableAutoConfiguration annotation is often placed on your
main class, and it implicitly defines a base “search package” for certain items. For
example, if you are writing a JPA application, the package of the
@EnableAutoConfiguration annotated class will be used to search for @Entity items.

Using a root package also allows the @ComponentScan annotation to be used without
needing to specify a basePackage attribute.

14. Configuration classes

Spring Boot favors Java-based configuration. Although it is possible to call
SpringApplication.run() with an XML source, we generally recommend that your primary
source is a @Configuration class. Usually the class that defines the main method
is also a good candidate as the primary @Configuration.

Tip

Many Spring configuration examples have been published on the Internet that use XML
configuration. Always try to use the equivalent Java-base configuration if possible.
Searching for enable* annotations can be a good starting point.

14.1 Importing additional configuration classes

You don’t need to put all your @Configuration into a single class. The @Import
annotation can be used to import additional configuration classes. Alternatively, you
can use @ComponentScan to automatically pickup all Spring components, including
@Configuration classes.

14.2 Importing XML configuration

If you absolutely must use XML based configuration, we recommend that you still start
with a @Configuration class. You can then use an additional @ImportResource
annotation to load XML configuration files.

15. Auto-configuration

Spring Boot auto-configuration attempts to automatically configure your Spring
application based on the jar dependencies that you have added. For example, If
HSQLDB is on your classpath, and you have not manually configured any database
connection beans, then we will auto-configure an in-memory database.

You need to opt-in to auto-configuration by adding the @EnableAutoConfiguration
annotation to one of your @Configuration classes.

Tip

You should only ever add one @EnableAutoConfiguration annotation. We generally
recommend that you add it to your primary @Configuration class.

15.1 Gradually replacing auto-configuration

Auto-configuration is noninvasive, at any point you can start to define your own
configuration to replace specific parts of the auto-configuration. For example, if
you add your own DataSource bean, the default embedded database support will back away.

If you need to find out what auto-configuration is currently being applied, and why,
starting your application with the --debug switch. This will log an auto-configuration
report to the console.

15.2 Disabling specific auto-configuration

If you find that specific auto-configure classes are being applied that you don’t want,
you can use the exclude attribute of @EnableAutoConfiguration to disable them.

16. Spring Beans and dependency injection

You are free to use any of the standard Spring Framework techniques to define your beans
and their injected dependencies. For simplicity, we often find that using @ComponentScan
to find your beans, in combination with @Autowired constructor injection works well.

If you structure your code as suggested above (locating your application class in a root
package), you can add @ComponentScan without any arguments. All of your application
components (@Component, @Service, @Repository, @Controller etc.) will be
automatically registered as Spring Beans.

Here is an example @Service Bean that uses constructor injection to obtain a
required RiskAssessor bean.

Notice how using constructor injection allows the riskAssessor field to be marked
as final, indicating that it cannot be subsequently changed.

17. Running your application

One of the biggest advantages of packaging your application as jar and using an embedded
HTTP server is that you can run your application as you would any other. Debugging Spring
Boot applications is also easy; you don’t need any special IDE plugins or extensions.

Note

This section only covers jar based packaging, If you choose to package your
application as a war file you should refer to your server and IDE documentation.

17.1 Running from an IDE

You can run a Spring Boot application from your IDE as a simple Java application, however,
first you will need to import your project. Import steps will vary depending on your IDE
and build system. Most IDEs can import Maven projects directly, for example Eclipse users
can select Import... → Existing Maven Projects from the File menu.

If you can’t directly import your project into your IDE, you may be able to generate IDE
meta-data using a build plugin. Maven includes plugins for
Eclipse and
IDEA; Gradle offers plugins
for various IDEs.

Tip

If you accidentally run a web application twice you will see a “Port already in
use” error. STS users can use the Relaunch button rather than Run to ensure that
any existing instance is closed.

17.2 Running as a packaged application

If you use the Spring Boot Maven or Gradle plugins to create an executable jar you can
run your application using java -jar. For example:

$ java -jar target/myproject-0.0.1-SNAPSHOT.jar

It is also possible to run a packaged application with remote debugging support enabled.
This allows you to attach a debugger to your packaged application:

17.3 Using the Maven plugin

The Spring Boot Maven plugin includes a run goal which can be used to quickly compile
and run your application. Applications run in an exploded form, and you can edit
resources for instant “hot” reload.

17.5 Hot swapping

Since Spring Boot applications are just plain Java applications, JVM hot-swapping should
work out of the box. JVM hot swapping is somewhat limited with the bytecode that it can
replace, for a more complete solution the
Spring Loaded project, or
JRebel can be used.

19. What to read next

You should now have good understanding of how you can use Spring Boot along with some best
practices that you should follow. You can now go on to learn about specific
Spring Boot features in depth, or you
could skip ahead and read about the
“production ready” aspects of Spring
Boot.

Part IV. Spring Boot features

This section dives into the details of Spring Boot. Here you can learn about the key
features that you will want to use and customize. If you haven’t already, you might want
to read the Part II, “Getting started” and
Part III, “Using Spring Boot” sections so that you have a good grounding
of the basics.

20. SpringApplication

The SpringApplication class provides a convenient way to bootstrap a Spring application
that will be started from a main() method. In many situations you can just delegate to
the static SpringApplication.run method:

By default INFO logging messages will be shown, including some relevant startup details
such as the user that launched the application.

20.1 Customizing the Banner

The banner that is printed on start up can be changed by adding a banner.txt file
to your classpath, or by setting banner.location to the location of such a file.
If the file has an unusual encoding you can set banner.encoding (default is UTF-8).

20.2 Customizing SpringApplication

If the SpringApplication defaults aren’t to your taste you can instead create a local
instance and customize it. For example, to turn off the banner you would write:

The constructor arguments passed to SpringApplication are configuration sources
for spring beans. In most cases these will be references to @Configuration classes, but
they could also be references to XML configuration or to packages that should be scanned.

There are some restrictions when creating an ApplicationContext hierarchy, e.g.
Web components must be contained within the child context, and the same Environment
will be used for both parent and child contexts. See the
SpringApplicationBuilder javadoc
for full details.

20.4 Application events and listeners

In addition to the usual Spring Framework events, such as
ContextRefreshedEvent,
a SpringApplication sends some additional application events. Some events are actually
triggered before the ApplicationContext is created.

You can register event listeners in a number of ways, the most common being
SpringApplication.addListeners(...) method.

Application events are sent in the following order, as your application runs:

An ApplicationStartedEvent is sent at the start of a run, but before any
processing except the registration of listeners and initializers.

An ApplicationEnvironmentPreparedEvent is sent when the Environment to be used in
the context is known, but before the context is created.

An ApplicationPreparedEvent is sent just before the refresh is started, but after bean
definitions have been loaded.

An ApplicationFailedEvent is sent if there is an exception on startup.

Tip

You often won’t need to use application events, but it can be handy to know that they
exist. Internally, Spring Boot uses events to handle a variety of tasks.

20.5 Web environment

A SpringApplication will attempt to create the right type of ApplicationContext on
your behalf. By default, an AnnotationConfigApplicationContext or
AnnotationConfigEmbeddedWebApplicationContext will be used, depending on whether you
are developing a web application or not.

The algorithm used to determine a “web environment” is fairly simplistic (based on the
presence of a few classes). You can use setWebEnvironment(boolean webEnvironment) if
you need to override the default.

It is also possible to take complete control of the ApplicationContext type that will
be used by calling setApplicationContextClass(...).

Tip

It is often desirable to call setWebEnvironment(false) when using SpringApplication
within a JUnit test.

20.6 Using the CommandLineRunner

If you want access to the raw command line arguments, or you need to run some specific code
once the SpringApplication has started you can implement the CommandLineRunner
interface. The run(String... args) method will be called on all Spring beans
implementing this interface.

You can additionally implement the org.springframework.core.Ordered interface or use the
org.springframework.core.annotation.Order annotation if several CommandLineRunner
beans are defined that must be called in a specific order.

20.7 Application exit

Each SpringApplication will register a shutdown hook with the JVM to ensure that the
ApplicationContext is closed gracefully on exit. All the standard Spring lifecycle
callbacks (such as the DisposableBean interface, or the @PreDestroy annotation) can
be used.

In addition, beans may implement the org.springframework.boot.ExitCodeGenerator
interface if they wish to return a specific exit code when the application ends.

21. Externalized Configuration

Spring Boot allows you to externalize your configuration so you can work with the same
application code in different environments. You can use properties files, YAML files,
environment variables and command-line arguments to externalize configuration. Property
values can be injected directly into your beans using the @Value annotation, accessed
via Spring’s Environment abstraction or bound to structured objects.

Spring Boot uses a very particular PropertySource order that is designed to allow
sensible overriding of values, properties are considered in the the following order:

You can bundle an application.properties inside your jar that provides a sensible
default name. When running in production, an application.properties can be provided
outside of your jar that overrides name; and for one-off testing, you can launch with
a specific command line switch (e.g. java -jar app.jar --name="Spring").

The RandomValuePropertySource is useful for injecting random values (e.g. into secrets
or test cases). It can produce integers, longs or strings, e.g.

The random.int* syntax is OPEN value (,max) CLOSE where the OPEN,CLOSE are any
character and value,max are integers. If max is provided then value is the minimum
value and max is the maximum (exclusive).

21.1 Accessing command line properties

By default SpringApplication will convert any command line option arguments (starting
with “--”, e.g. --server.port=9000) to a property and add it to the Spring
Environment. As mentioned above, command line properties always take precedence over
other property sources.

If you don’t want command line properties to be added to the Environment you can disable
them using SpringApplication.setAddCommandLineProperties(false).

21.2 Application property files

SpringApplication will load properties from application.properties files in the
following locations and add them to the Spring Environment:

A /config subdir of the current directory.

The current directory

A classpath /config package

The classpath root

The list is ordered by precedence (locations higher in the list override lower items).

If you don’t like application.properties as the configuration file name you can switch
to another by specifying a spring.config.name environment property. You can also refer
to an explicit location using the spring.config.location environment property
(comma-separated list of directory locations, or file paths).

If spring.config.location contains directories (as opposed to files) they should end
in / (and will be appended with the names generated from spring.config.name before
being loaded). The default search path classpath:,classpath:/config,file:,file:config/
is always used, irrespective of the value of spring.config.location. In that way you
can set up default values for your application in application.properties (or whatever
other basename you choose with spring.config.name) and override it at runtime with a
different file, keeping the defaults.

Note

if you use environment variables not system properties, most operating systems
disallow period-separated key names, but you can use underscores instead (e.g.
SPRING_CONFIG_NAME instead of spring.config.name).

Note

If you are running in a container then JNDI properties (in java:comp/env) or
servlet context initialization parameters can be used instead of, or as well as,
environment variables or system properties.

21.3 Profile specific properties

In addition to application.properties files, profile specific properties can also be
defined using the naming convention application-{profile}.properties.

Profile specific properties are loaded from the same locations as standard
application.properties, with profiles specific files overriding the default ones.

21.4 Placeholders in properties

The values in application.properties are filtered through the existing Environment
when they are used so you can refer back to previously defined values (e.g. from System
properties).

21.5 Using YAML instead of Properties

YAML is a superset of JSON, and as such is a very convenient format
for specifying hierarchical configuration data. The SpringApplication class will
automatically support YAML as an alternative to properties whenever you have the
SnakeYAML library on your classpath.

Note

If you use “starter POMs” SnakeYAML will be automatically provided via
spring-boot-starter.

21.5.1 Loading YAML

Spring Boot provides two convenient classes that can be used to load YAML documents. The
YamlPropertiesFactoryBean will load YAML as Properties and the YamlMapFactoryBean
will load YAML as a Map.

YAML lists are represented as property keys with [index] dereferencers,
for example this YAML:

my:
servers:
- dev.bar.com
- foo.bar.com

Would be transformed into these properties:

my.servers[0]=dev.bar.com
my.servers[1]=foo.bar.com

To bind to properties like that using the Spring DataBinder utilities (which is what
@ConfigurationProperties does) you need to have a property in the target bean of type
java.util.List (or Set) and you either need to provide a setter, or initialize it
with a mutable value, e.g. this will bind to the properties above

21.5.2 Exposing YAML as properties in the Spring Environment

The YamlPropertySourceLoader class can be used to expose YAML as a PropertySource
in the Spring Environment. This allows you to use the familiar @Value annotation with
placeholders syntax to access YAML properties.

21.5.3 Multi-profile YAML documents

You can specify multiple profile-specific YAML documents in a single file by
by using a spring.profiles key to indicate when the document applies. For example:

In the example above, the server.address property will be 127.0.0.1 if the
development profile is active. If the development and production profiles are not
enabled, then the value for the property will be 192.168.1.100

21.5.4 YAML shortcomings

YAML files can’t be loaded via the @PropertySource annotation. So in the
case that you need to load values that way, you need to use a properties file.

21.6 Typesafe Configuration Properties

Using the @Value("${property}") annotation to inject configuration properties can
sometimes be cumbersome, especially if you are working with multiple properties or
your data is hierarchical in nature. Spring Boot provides an alternative method
of working with properties that allows strongly typed beans to govern and validate
the configuration of your application. For example:

When the @EnableConfigurationProperties annotation is applied to your @Configuration,
any beans annotated with @ConfigurationProperties will be automatically configured
from the Environment properties. This style of configuration works particularly well
with the SpringApplication external YAML configuration:

21.6.1 Relaxed binding

Spring Boot uses some relaxed rules for binding Environment properties to
@ConfigurationProperties beans, so there doesn’t need to be an exact match between
the Environment property name and the bean property name. Common examples where this
is useful include underscore separated (e.g. context_path binds to contextPath), and
capitalized (e.g. PORT binds to port) environment properties.

Spring will attempt to coerce the external application properties to the right type when
it binds to the @ConfigurationProperties beans. If you need custom type conversion you
can provide a ConversionService bean (with bean id conversionService) or custom
property editors (via a CustomEditorConfigurer bean).

21.6.2 @ConfigurationProperties Validation

Spring Boot will attempt to validate external configuration, by default using JSR-303
(if it is on the classpath). You can simply add JSR-303 javax.validation constraint
annotations to your @ConfigurationProperties class:

You can also add a custom Spring Validator by creating a bean definition called
configurationPropertiesValidator.

Tip

The spring-boot-actuator module includes an endpoint that exposes all
@ConfigurationProperties beans. Simply point your web browser to /configprops
or use the equivalent JMX endpoint. See the
Production ready features.
section for details.

22. Profiles

Spring Profiles provide a way to segregate parts of your application configuration and
make it only available in certain environments. Any @Component or @Configuration can
be marked with @Profile to limit when it is loaded:

In the normal Spring way, you can use a spring.profiles.activeEnvironment property to specify which profiles are active. You can
specify the property in any of the usual ways, for example you could
include it in your application.properties:

spring.profiles.active=dev,hsqldb

or specify on the command line using the switch --spring.profiles.active=dev,hsqldb.

22.1 Adding active profiles

The spring.profiles.active property follows the same ordering rules as other
properties, the highest PropertySource will win. This means that you can specify
active profiles in application.properties then replace them using the command line
switch.

Sometimes it is useful to have profile specific properties that add to the active
profiles rather than replace them. The spring.profiles.include property can be used
to unconditionally add active profiles. The SpringApplication entry point also has
a Java API for setting additional profiles (i.e. on top of those activated by the
spring.profiles.active property): see the setAdditionalProfiles() method.

For example, when an application with following properties is run using the switch
--spring.profiles.active=prod the proddb and prodmq profiles will also be activated:

22.2 Programmatically setting profiles

You can programmatically set active profiles by calling
SpringApplication.setAdditionalProfiles(...) before your application runs. It is also
possible to activate profiles using Spring’s ConfigurableEnvironment interface.

22.3 Profile specific configuration files

Profile specific variants of both application.properties (or application.yml) and
files referenced via @ConfigurationProperties are considered as files are loaded.
See Section 21.3, “Profile specific properties” for details.

By default, If you use the “Starter POMs”, Logback will be used for logging. Appropriate
Logback routing is also included to ensure that dependent libraries that use
Java Util Logging, Commons Logging, Log4J or SLF4J will all work correctly.

Tip

There are a lot of logging frameworks available for Java. Don’t worry if the above
list seems confusing, generally you won’t need to change your logging dependencies and
the Spring Boot defaults will work just fine.

Logger name — This is usually the source class name (often abbreviated).

The log message.

23.2 Console output

The default log configuration will echo messages to the console as they are written. By
default ERROR, WARN and INFO level messages are logged. To also log DEBUG level
messages to the console you can start your application with a --debug flag.

$ java -jar myapp.jar --debug

If your terminal supports ANSI, color output will be used to aid readability.

23.3 File output

By default, log files are written to spring.log in your temp directory and rotate at
10 Mb. You can easily customize the output folder by setting the logging.path property
(for example in your application.properties). It is also possible to change the filename
using a logging.file property. Note that if logging.file is used, then setting logging.path has no effect.

As with console output, ERROR, WARN and INFO level messages are logged by default.

23.4 Log Levels

All the supported logging systems can have the logger levels set in the Spring
Environment (so for example in application.properties) using “logging.level.*=LEVEL”
where “LEVEL” is one of TRACE, DEBUG, INFO, WARN, ERROR, FATAL, OFF. Example
application.properties:

23.5 Custom log configuration

The various logging systems can be activated by including the appropriate libraries on
the classpath, and further customized by providing a suitable configuration file in the
root of the classpath, or in a location specified by the Spring Environment property
logging.config. (Note however that since logging is initialized before the
ApplicationContext is created, it isn’t possible to control logging from
@PropertySources in Spring @Configuration files. System properties and the
conventional Spring Boot external configuration files work just fine.)

Depending on your logging system, the following files will be loaded:

Logging System

Customization

Logback

logback.xml

Log4j

log4j.properties or log4j.xml

JDK (Java Util Logging)

logging.properties

To help with the customization some other properties are transferred from the Spring
Environment to System properties:

Spring Environment

System Property

Comments

logging.file

LOG_FILE

Used in default log configuration if defined.

logging.path

LOG_PATH

Used in default log configuration if defined.

PID

PID

The current process ID (discovered if possible and when not already defined as an OS
environment variable).

All the logging systems supported can consult System properties when parsing their
configuration files. See the default configurations in spring-boot.jar for examples.

Warning

There are know classloading issues with Java Util Logging that cause problems
when running from an “executable jar”. We recommend that you avoid it if at all
possible.

24. Developing web applications

Spring Boot is well suited for web application development. You can easily create a
self-contained HTTP server using embedded Tomcat or Jetty. Most web applications will
use the spring-boot-starter-web module to get up and running quickly.

If you haven’t yet developed a Spring Boot web application you can follow the
"Hello World!" example in the
Getting started section.

If you want to take complete control of Spring MVC, you can add your own @Configuration
annotated with @EnableWebMvc. If you want to keep Spring Boot MVC features, and
you just want to add additional MVC configuration (interceptors,
formatters, view controllers etc.) you can add your own @Bean of type
WebMvcConfigurerAdapter, but without@EnableWebMvc.

24.1.2 HttpMessageConverters

Spring MVC uses the HttpMessageConverter interface to convert HTTP requests and
responses. Sensible defaults are included out of the box, for example Objects can be
automatically converted to JSON (using the Jackson library) or XML (using JAXB).

If you need to add or customize converters you can use Spring Boot’s
HttpMessageConverters class:

24.1.3 MessageCodesResolver

Spring MVC has a strategy for generating error codes for rendering error messages
from binding errors: MessageCodesResolver. Spring Boot will create one for you if
you set the spring.mvc.message-codes-resolver.format property PREFIX_ERROR_CODE or
POSTFIX_ERROR_CODE (see the enumeration in DefaultMessageCodesResolver.Format).

24.1.4 Static Content

By default Spring Boot will serve static content from a folder called /static (or
/public or /resources or /META-INF/resources) in the classpath or from the root
of the ServletContext. It uses the ResourceHttpRequestHandler from Spring MVC so you
can modify that behavior by adding your own WebMvcConfigurerAdapter and overriding the
addResourceHandlers method.

In a stand-alone web application the default servlet from the container is also
enabled, and acts as a fallback, serving content from the root of the ServletContext if
Spring decides not to handle it. Most of the time this will not happen (unless you modify
the default MVC configuration) because Spring will always be able to handle requests
through the DispatcherServlet.

In addition to the “standard” static resource locations above, a special case is made for
Webjars content. Any resources with a path in /webjars/** will
be served from jar files if they are packaged in the Webjars format.

Tip

Do not use the src/main/webapp folder if your application will be packaged as a
jar. Although this folder is a common standard, it will only work with war packaging
and it will be silently ignored by most build tools if you generate a jar.

24.1.5 Template engines

As well as REST web services, you can also use Spring MVC to serve dynamic HTML content.
Spring MVC supports a variety of templating technologies including Velocity, FreeMarker
and JSPs. Many other templating engines also ship their own Spring MVC integrations.

Spring Boot includes auto-configuration support for the following templating engines:

When you’re using one of these templating engines with the default configuration, your templates
will be picked up automatically from src/main/resources/templates.

Tip

JSPs should be avoided if possible, there are several
known limitations when using them with embedded
servlet containers.

24.1.6 Error Handling

Spring Boot provides an /error mapping by default that handles all errors in a
sensible way, and it is registered as a “global” error page in the servlet container.
For machine clients it will produce a JSON response with details of the error, the HTTP
status and the exception message. For browser clients there is a “whitelabel” error
view that renders the same data in HTML format (to customize it just add a View that
resolves to “error”). To replace the default behaviour completely you can implement
ErrorController and register a bean definition of that type, or simply add a bean
of type ErrorAttributes to use the existing mechanism but replace the contents.

If you want more specific error pages for some conditions, the embedded servlet containers
support a uniform Java DSL for customizing the error handling. For example:

24.2 Embedded servlet container support

Spring Boot includes support for embedded Tomcat and Jetty servers. Most developers will
simply use the appropriate “Starter POM” to obtain a fully configured instance. By
default both Tomcat and Jetty will listen for HTTP requests on port 8080.

24.2.1 Servlets and Filters

When using an embedded servlet container you can register Servlets and Filters directly as
Spring beans. This can be particularly convenient if you want to refer to a value from
your application.properties during configuration.

By default, if the context contains only a single Servlet it will be mapped to /. In
the case of multiple Servlets beans the bean name will be used as a path prefix. Filters
will map to /*.

If convention-based mapping is not flexible enough you can use the
ServletRegistrationBean and FilterRegistrationBean classes for complete control. You
can also register items directly if your bean implements the ServletContextInitializer
interface.

24.2.2 The EmbeddedWebApplicationContext

Under the hood Spring Boot uses a new type of ApplicationContext for embedded
servlet container support. The EmbeddedWebApplicationContext is a special
type of WebApplicationContext that bootstraps itself by searching for a single
EmbeddedServletContainerFactory bean. Usually a TomcatEmbeddedServletContainerFactory
or JettyEmbeddedServletContainerFactory will have been auto-configured.

Note

You usually won’t need to be aware of these implementation classes. Most
applications will be auto-configured and the appropriate ApplicationContext and
EmbeddedServletContainerFactory will be created on your behalf.

24.2.3 Customizing embedded servlet containers

Common servlet container settings can be configured using Spring Environment
properties. Usually you would define the properties in your application.properties
file.

Programmatic customization

If you need to configure your embdedded servlet container programmatically you can register
a Spring bean that implements the EmbeddedServletContainerCustomizer interface.
EmbeddedServletContainerCustomizer provides access to the
ConfigurableEmbeddedServletContainer which includes numerous customization setter
methods.

Setters are provided for many configuration options. Several protected method
“hooks” are also provided should you need to do something more exotic. See the
source code documentation for details.

24.2.4 JSP limitations

When running a Spring Boot application that uses an embedded servlet container (and is
packaged as an executable archive), there are some limitations in the JSP support.

With Tomcat it should work if you use war packaging, i.e. an executable war will work,
and will also be deployable to a standard container (not limited to, but including
Tomcat). An executable jar will not work because of a hard coded file pattern in Tomcat.

25. Security

If Spring Security is on the classpath then web applications will be secure by default
with “basic” authentication on all HTTP endpoints. To add method-level security to a web
application you can also add @EnableGlobalMethodSecurity with your desired settings.
Additional information can be found in the Spring
Security Reference.

The default AuthenticationManager has a single user (“user” username and random
password, printed at INFO level when the application starts up)

Using default security password: 78fa095d-3f4c-48b1-ad50-e24c31d5cf35

You can change the password by providing a security.user.password. This and other
useful properties are externalized via
SecurityProperties
(properties prefix "security").

The default security configuration is implemented in SecurityAutoConfiguration and in
the classes imported from there (SpringBootWebSecurityConfiguration for web security
and AuthenticationManagerConfiguration for authentication configuration which is also
relevant in non-web applications). To switch off the Boot default configuration
completely in a web application you can add a bean with @EnableWebSecurity. To customize
it you normally use external properties and beans of type WebConfigurerAdapter (e.g. to
add form-based login). There are several secure applications in the
Spring Boot samples to get you started with common
use cases.

The basic features you get out of the box in a web application are:

An AuthenticationManager bean with in-memory store and a single user (see
SecurityProperties.User for the properties of the user).

Security events published to Spring’s ApplicationEventPublisher (successful and
unsuccessful authentication and access denied).

Common low-level features (HSTS, XSS, CSRF, caching) provided by Spring Security are
on by default.

All of the above can be switched on and off or modified using external properties
(security.*). To override the access rules without changing any other autoconfigured
features add a @Bean of type WebConfigurerAdapter with
@Order(SecurityProperties.ACCESS_OVERRIDE_ORDER).

If the Actuator is also in use, you will find:

The management endpoints are secure even if the application endpoints are unsecure.

Security events are transformed into AuditEvents and published to the AuditService.

The default user will have the ADMIN role as well as the USER role.

The Actuator security features can be modified using external properties
(management.security.*). To override the application access rules
add a @Bean of type WebConfigurerAdapter and use
@Order(SecurityProperties.ACCESS_OVERRIDE_ORDER) if you don’t want to override
the actuator access rules, or @Order(ManagementServerProperties.ACCESS_OVERRIDE_ORDER)
if you do want to override the actuator access rules.

26. Working with SQL databases

The Spring Framework provides extensive support for working with SQL databases. From
direct JDBC access using JdbcTemplate to complete “object relational mapping”
technologies such as Hibernate. Spring Data provides an additional level of functionality,
creating Repository implementations directly from interfaces and using conventions to
generate queries from your method names.

26.1 Configure a DataSource

Java’s javax.sql.DataSource interface provides a standard method of working with
database connections. Traditionally a DataSource uses a URL along with some
credentials to establish a database connection.

26.1.1 Embedded Database Support

It’s often convenient to develop applications using an in-memory embedded database.
Obviously, in-memory databases do not provide persistent storage; you will need to
populate your database when your application starts and be prepared to throw away
data when your application ends.

For a pooling DataSource to be created we need to be able to verify that a valid
Driver class is available, so we check for that before doing anything. I.e. if you set
spring.datasource.driverClassName=com.mysql.jdbc.Driver then that class has to be
loadable.

26.2 Using JdbcTemplate

Spring’s JdbcTemplate and NamedParameterJdbcTemplate classes are auto-configured and
you can @Autowire them directly into your own beans:

26.3 JPA and “Spring Data”

The Java Persistence API is a standard technology that allows you to “map” objects to
relational databases. The spring-boot-starter-data-jpa POM provides a quick way to get
started. It provides the following key dependencies:

26.3.1 Entity Classes

Traditionally, JPA “Entity” classes are specified in a persistence.xml file. With
Spring Boot this file is not necessary and instead “Entity Scanning” is used. By
default all packages below your main configuration class (the one annotated with
@EnableAutoConfiguration) will be searched.

Any classes annotated with @Entity, @Embeddable or @MappedSuperclass will be
considered. A typical entity class would look something like this:

26.3.2 Spring Data JPA Repositories

Spring Data JPA repositories are interfaces that you can define to access data. JPA
queries are created automatically from your method names. For example, a CityRepository
interface might declare a findAllByState(String state) method to find all cities
in a given state.

For more complex queries you can annotate your method using Spring Data’s
Query annotation.

Spring Data repositories usually extend from the
Repository or
CrudRepository interfaces. If you are using
auto-configuration, repositories will be searched from the package containing your
main configuration class (the one annotated with @EnableAutoConfiguration) down.

26.3.3 Creating and dropping JPA databases

By default JPA database will be automatically created only if you use an embedded
database (H2, HSQL or Derby). You can explicitly configure JPA settings using
spring.jpa.* properties. For example, to create and drop tables you can add the
following to your application.properties.

spring.jpa.hibernate.ddl-auto=create-drop

Note

Hibernate’s own internal property name for this (if you happen to remember it
better) is hibernate.hbm2ddl.auto. You can set it, along with other Hibernate native
properties, using spring.jpa.properties.* (the prefix is stripped before adding them
to the entity manager). By default the DDL execution (or validation) is deferred until
the ApplicationContext has started. There is also a spring.jpa.generate-ddl flag, but
it is not used if Hibernate autoconfig is active because the ddl-auto
settings are more fine grained.

27.1 Redis

Redis is a cache, message broker and richly-featured key-value store.
Spring Boot offers basic auto-configuration for the Jedis
client library and abstractions on top of it provided by
Spring Data Redis. There is a
spring-boot-starter-redis “Starter POM” for collecting the dependencies in a
convenient way.

27.1.1 Connecting to Redis

You can inject an auto-configured RedisConnectionFactory, StringRedisTemplate or
vanilla RedisTemplate instance as you would any other Spring Bean. By default the
instance will attempt to connect to a Redis server using localhost:6379:

If you add a @Bean of your own of any of the auto-configured types it will replace the
default (except in the case of RedisTemplate the exclusion is based on the bean name
“redisTemplate” not its type). If commons-pool2 is on the classpath you will get a
pooled connection factory by default.

27.2 MongoDB

MongoDB is an open-source NoSQL document database that uses a
JSON-like schema instead of traditional table-based relational data. Spring Boot offers
several conveniences for working with MongoDB, including the The
spring-boot-starter-data-mongodb “Starter POM”.

27.2.1 Connecting to a MongoDB database

You can inject an auto-configured com.mongodb.Mongo instance as you would any other
Spring Bean. By default the instance will attempt to connect to a MongoDB server using
the URL mongodb://localhost/test:

27.2.3 Spring Data MongoDB repositories

Spring Data includes repository support for MongoDB. As with the JPA repositories
discussed earlier, the basic principle is that queries are constructed for you
automatically based on method names.

In fact, both Spring Data JPA and Spring Data MongoDB share the same common
infrastructure; so you could take the JPA example from earlier and, assuming that
City is now a Mongo data class rather than a JPA @Entity, it will work in the
same way.

For complete details of Spring Data MongoDB, including its rich object mapping
technologies, refer to their reference
documentation.

27.3 Gemfire

Spring Data Gemfire provides
convenient Spring-friendly tools for accessing the Pivotal Gemfire
data management platform. There is a spring-boot-starter-data-gemfire “Starter POM”
for collecting the dependencies in a convenient way. There is currently no auto=config
support for Gemfire, but you can enable Spring Data Repositories with a
single annotation.

27.4 Solr

Apache Solr is a search engine. Spring Boot offers basic
auto-configuration for the solr client library and abstractions on top of it provided by
Spring Data Solr. There is
a spring-boot-starter-data-solr “Starter POM” for collecting the dependencies in a
convenient way.

27.4.1 Connecting to Solr

You can inject an auto-configured SolrServer instance as you would any other Spring
Bean. By default the instance will attempt to connect to a server using
http://localhost:8983/solr:

If you add a @Bean of your own of type SolrServer it will replace the default.

27.4.2 Spring Data Solr repositories

Spring Data includes repository support for Apache Solr. As with the JPA repositories
discussed earlier, the basic principle is that queries are constructed for you
automatically based on method names.

In fact, both Spring Data JPA and Spring Data Solr share the same common infrastructure;
so you could take the JPA example from earlier and, assuming that City is now a
@SolrDocument class rather than a JPA @Entity, it will work in the same way.

27.5 Elasticsearch

Elastic Search is an open source, distributed,
real-time search and analytics engine. Spring Boot offers basic auto-configuration for
the Elasticsearch and abstractions on top of it provided by
Spring Data Elasticsearch.
There is a spring-boot-starter-data-elasticsearch “Starter POM” for collecting the
dependencies in a convenient way.

27.5.1 Connecting to Elasticsearch

You can inject an auto-configured ElasticsearchTemplate or Elasticsearch Client
instance as you would any other Spring Bean. By default the instance will attempt to
connect to a local in-memory server (a NodeClient in Elasticsearch terms), but you can
switch to a remote server (i.e. a TransportClient) by setting
spring.data.elasticsearch.clusterNodes to a comma-separated “host:port” list.

If you add a @Bean of your own of type ElasticsearchTemplate it will replace the
default.

27.5.2 Spring Data Elasticsearch repositories

Spring Data includes repository support for Elasticsearch. As with the JPA repositories
discussed earlier, the basic principle is that queries are constructed for you
automatically based on method names.

In fact, both Spring Data JPA and Spring Data Elasticsearch share the same common
infrastructure; so you could take the JPA example from earlier and, assuming that
City is now an Elasticsearch @Document class rather than a JPA @Entity, it will
work in the same way.

28. Messaging

The Spring Framework provides extensive support for integrating with messaging systems:
from simplified use of the JMS API using JmsTemplate to a complete infrastructure to
receive messages asynchronously. Spring AMQP provides a similar feature set for the
“Advanced Message Queuing Protocol” and Boot also provides auto-configuration options
for RabbitTemplate and RabbitMQ. There is also support for STOMP messaging natively
in Spring Websocket and Spring Boot has support for that through starters and a small
amount of auto configuration.

28.1 JMS

The javax.jms.ConnectionFactory interface provides a standard method of creating a
javax.jms.Connection for interacting with a JMS broker. Although Spring needs a
ConnectionFactory to work with JMS, you generally won’t need to use it directly yourself
and you can instead rely on higher level messaging abstractions (see the
relevant section of the Spring Framework reference
documentation for details).

28.1.1 HornetQ support

Spring Boot can auto-configure a ConnectionFactory when it detects that HornetQ is
available on the classpath. If the broker is present, an embedded broker is started and
configured automatically (unless the mode property has been explicitly set). The supported
modes are: embedded (to make explicit that an embedded broker is required and should
lead to an error if the broker is not available in the classpath), and native to
connect to a broker using the the netty transport protocol. When the latter is
configured, Spring Boot configures a ConnectionFactory connecting to a broker running
on the local machine with the default settings.

Note

if you are using spring-boot-starter-hornetq the necessary dependencies to
connect to an existing HornetQ instance are provided, as well as the Spring infrastructure
to integrate with JMS. Adding org.hornetq:hornetq-jms-server to your application allows
you to use the embedded mode.

HornetQ configuration is controlled by external configuration properties in
spring.hornetq.*. For example, you might declare the following section in
application.properties:

When embedding the broker, you can chose if you want to enable persistence, and the list
of destinations that should be made available. These can be specified as a comma separated
list to create them with the default options; or you can define bean(s) of type
org.hornetq.jms.server.config.JMSQueueConfiguration or
org.hornetq.jms.server.config.TopicConfiguration, for advanced queue and topic
configurations respectively.

No JNDI lookup is involved at all and destinations are resolved against their names,
either using the “name” attribute in the HornetQ configuration or the names provided
through configuration.

28.1.2 ActiveMQ support

Spring Boot can also configure a ConnectionFactory when it detects that ActiveMQ is
available on the classpath. If the broker is present, an embedded broker is started and
configured automatically (as long as no broker URL is specified through configuration).

ActiveMQ configuration is controlled by external configuration properties in
spring.activemq.*. For example, you might declare the following section in
application.properties:

29. Spring Integration

Spring Integration provides abstractions over messaging and also other transports such as
HTTP, TCP etc. If Spring Integration is available on your classpath it will be initialized
through the @EnableIntegration annotation. Message processing statistics will be
published over JMX if “spring-integration-jmx” is also on the classpath.
See the IntegrationAutoConfiguration
class for more details.

30. Monitoring and management over JMX

Java Management Extensions (JMX) provide a standard mechanism to monitor and manage
applications. By default Spring Boot will create an MBeanServer with bean id
“mbeanServer” and expose any of your beans that are annotated with Spring JMX
annotations (@ManagedResource, @ManagedAttribute, @ManagedOperation).

31. Testing

Spring Boot provides a number of useful tools for testing your application. The
spring-boot-starter-test POM provides Spring Test, JUnit, Hamcrest and Mockito
dependencies. There are also useful test utilities in the core spring-boot module
under the org.springframework.boot.test package.

31.1 Test scope dependencies

If you use the
spring-boot-starter-test “Starter POM” (in the testscope), you will find
the following provided libraries:

These are common libraries that we generally find useful when writing tests. You are free
to add additional test dependencies of your own if these don’t suit your needs.

31.2 Testing Spring applications

One of the major advantages of dependency injection is that it should make your code
easier to unit test. You can simply instantiate objects using the new operator without
even involving Spring. You can also use mock objects instead of real dependencies.

Often you need to move beyond “unit testing” and start “integration testing” (with
a Spring ApplicationContext actually involved in the process). It’s useful to be able
to perform integration testing without requiring deployment of your application or
needing to connect to other infrastructure.

The Spring Framework includes a dedicated test module for just such integration testing.
You can declare a dependency directly to org.springframework:spring-test or use the
spring-boot-starter-test “Starter POM” to pull it in transitively.

If you have not used the spring-test module before you should start by reading the
relevant section of the Spring Framework reference
documentation.

31.3 Testing Spring Boot applications

A Spring Boot application is just a Spring ApplicationContext so nothing very special
has to be done to test it beyond what you would normally do with a vanilla Spring context.
One thing to watch out for though is that the external properties, logging and other
features of Spring Boot are only installed in the context by default if you use
SpringApplication to create it.

Spring Boot provides a @SpringApplicationConfiguration annotation as an alternative
to the standard spring-test@ContextConfiguration annotation. If you use
@SpringApplicationConfiguration to configure the ApplicationContext used in your
tests, it will be created via SpringApplication and you will get the additional Spring
Boot features.

The context loader guesses whether you want to test a web application or not (e.g.
with MockMVC) by looking for the @WebAppConfiguration annotation. (MockMVC and
@WebAppConfiguration are part of spring-test).

If you want a web application to start up and listen on its normal port, so you can test
it with HTTP (e.g. using RestTemplate), annotate your test class (or one of its
superclasses) with @IntegrationTest. This can be very useful because it means you can
test the full stack of your application, but also inject its components into the test
class and use them to assert the internal state of the application after an HTTP
interaction. For Example:

Spring’s test framework will cache application contexts between tests. Therefore,
as long as your tests share the same configuration, the time consuming process of starting
and stopping the server will only happen once, regardless of the number of tests that
actually run.

To change the port you can add environment properties to @IntegrationTest as colon- or
equals-separated name-value pairs, e.g. @IntegrationTest("server.port:9000").
Additionally you can set the server.port and management.port properties to 0
in order to run your integration tests using random ports. For example:

31.3.1 Using Spock to test Spring Boot applications

If you wish to use Spock to test a Spring Boot application you should add a dependency
on Spock’s spock-spring module to your application’s build. spock-spring integrates
Spring’s test framework into Spock.

31.4 Test utilities

A few test utility classes are packaged as part of spring-boot that are generally
useful when testing your application.

31.4.1 ConfigFileApplicationContextInitializer

ConfigFileApplicationContextInitializer is an ApplicationContextInitializer that
can apply to your tests to load Spring Boot application.properties files. You can use
this when you don’t need the full features provided by @SpringApplicationConfiguration.

31.4.4 TestRestTemplate

TestRestTemplate is a convenience subclass of Spring’s RestTemplate that is
useful in integration tests. You can get a vanilla template or one that sends Basic HTTP
authentication (with a username and password). In either case the template will behave
in a test-friendly way: not following redirects (so you can assert the response
location), ignoring cookies (so the template is stateless), and not throwing exceptions
on server-side errors. It is recommended, but not mandatory, to use Apache HTTP Client
(version 4.3.2 or better), and if you have that on your classpath the TestRestTemplate
will respond by configuring the client appropriately.

32. Developing auto-configuration and using conditions

If you work in a company that develops shared libraries, or if you work on an open-source
or commercial library, you might want to develop your own auto-configuration.
Auto-configuration classes can be bundled in external jars and still be picked-up by
Spring Boot.

32.1 Understanding auto-configured beans

Under the hood, auto-configuration is implemented with standard @Configuration classes.
Additional @Conditional annotations are used to constrain when the auto-configuration
should apply. Usually auto-configuration classes use @ConditionalOnClass and
@ConditionalOnMissingBean annotations. This ensures that auto-configuration only
applies when relevant classes are found and when you have not declared your own
@Configuration.

You can browse the source code of spring-boot-autoconfigure to see the @Configuration
classes that we provide (see the META-INF/spring.factories file).

32.2 Locating auto-configuration candidates

Spring Boot checks for the presence of a META-INF/spring.factories file within your
published jar. The file should list your configuration classes under the
EnableAutoConfiguration key.

You can use the
@AutoConfigureAfter or
@AutoConfigureBefore
annotations if your configuration needs to be applied in a specific order. For example,
if you provide web specific configuration, your class may need to be applied after
WebMvcAutoConfiguration.

32.3 Condition annotations

You almost always want to include one or more @Condition annotations on your
auto-configuration class. The @ConditionalOnMissingBean is one common example that is
used to allow developers to “override” auto-configuration if they are not happy with
your defaults.

Spring Boot includes a number of @Conditional annotations that you can reuse in your own
code by annotating @Configuration classes or individual @Bean methods.

32.3.1 Class conditions

The @ConditionalOnClass and @ConditionalOnMissingClass annotations allows configuration
to be skipped based on the presence or absence of specific classes. Due to the fact that
annotation meta-data is parsed using ASM you can actually use the
value attribute to refer to the real class, even though that class might not actually
appear on the running application classpath. You can also use the name attribute if you
prefer to specify the class name using a String value.

32.3.2 Bean conditions

The @ConditionalOnBean and @ConditionalOnMissingBean annotations allow configurations
to be skipped based on the presence or absence of specific beans. You can use the value
attribute to specify beans by type, or name to specify beans by name. The search
attribute allows you to limit the ApplicationContext hierarchy that should be considered
when searching for beans.

Note

@Conditional annotations are processed when @Configuration classes are
parsed. Auto-configure @Configuration is always parsed last (after any user defined
beans), however, if you are using these annotations on regular @Configuration classes,
care must be taken not to refer to bean definitions that have not yet been created.

32.3.3 Resource conditions

The @ConditionalOnResource annotation allows configuration to be included only when a
specific resource is present. Resources can be specified using the usual Spring
conventions, for example, file:/home/user/test.dat.

32.3.4 Web Application Conditions

The @ConditionalOnWebApplication and @ConditionalOnNotWebApplication annotations
allow configuration to be skipped depending on whether the application is a
web application. A web application is any application that is using a Spring
WebApplicationContext, defines a session scope or has a StandardServletEnvironment.

32.3.5 SpEL expression conditions

The @ConditionalOnExpression annotation allows configuration to be skipped based on the
result of a SpEL expression.

Part V. Spring Boot Actuator: Production-ready features

Spring Boot includes a number of additional features to help you monitor and manage your
application when it’s pushed to production. You can choose to manage and monitor your
application using HTTP endpoints, with JMX or even by remote shell (SSH or Telnet).
Auditing, health and metrics gathering can be automatically applied to your application.

34. Enabling production-ready features.

The spring-boot-actuator module provides all of
Spring Boot’s production-ready features. The simplest way to enable the features is to add
a dependency to the spring-boot-starter-actuator “Starter POM”.

Definition of Actuator

An actuator is a manufacturing term, referring to a mechanical device for moving or
controlling something. Actuators can generate a large amount of motion from a small
change.

To add the actuator to a Maven based project, add the following “starter”
dependency:

35. Endpoints

Actuator endpoints allow you to monitor and interact with your application. Spring Boot
includes a number of built-in endpoints and you can also add your own. For example the
health endpoint provides basic application health information.

The way that endpoints are exposed will depend on the type of technology that you choose.
Most applications choose HTTP monitoring, where the ID of the endpoint is mapped
to a URL. For example, by default, the health endpoint will be mapped to /health.

The following endpoints are available:

ID

Description

Sensitive

autoconfig

Displays an auto-configuration report showing all auto-configuration candidates and the
reason why they “were” or “were not” applied.

Allows the application to be gracefully shutdown (not enabled by default).

true

trace

Displays trace information (by default the last few HTTP requests).

true

Note

Depending on how an endpoint is exposed, the sensitive parameter may be used as
a security hint. For example, sensitive endpoints will require a username/password when
they are accessed over HTTP (or simply disabled if web security is not enabled).

35.1 Customizing endpoints

Endpoints can be customized using Spring properties. You can change if an endpoint is
enabled, if it is considered sensitive and even its id.

For example, here is an application.properties that changes the sensitivity and id
of the beans endpoint and also enables shutdown.

The prefix "endpoints + . + name" is used to uniquely identify the endpoint
that is being configured.

35.2 Custom health information

The default information exposed by the health endpoint is a simple “OK” message. It
is often useful to perform some additional health checks, for example you might check
that a database connection works, or that a remote REST endpoint is functioning.

To provide custom health information you can register a Spring bean that implements the
HealthIndicator interface.

Spring Boot provides a
DataSourceHealthIndicator
implementation that attempts a simple database test as well as implementations for
Redis, MongoDB and RabbitMQ.

Spring Boot adds the HealthIndicator instances automatically if beans of type DataSource,
MongoTemplate, RedisConnectionFactory, RabbitTemplate are present in the ApplicationContext.

Besides implementing custom a HealthIndicator type and using out-of-box Status
types, it is also possible to introduce custom Status types for different or more complex system
states. In that case a custom implementation of the HealthAggregator
interface needs to be provided or the default implementation has to be configured using the
health.status.order configuration property.

Assuming a new Status with code FATAL is being used in one of your HealthIndicator
implementations. To configure the severity or order add the following to your application properties:
health.status.order: FATAL, DOWN, UNKNOWN, UP.

35.3 Custom application info information

You can customize the data exposed by the info endpoint by setting info.* Spring
properties. All Environment properties under the info key will be automatically
exposed. For example, you could add the following to your application.properties:

In the above example we used project.* to set some values to be used as
fallbacks if the Maven resource filtering has not been switched on for some reason.

35.3.1 Git commit information

Another useful feature of the info endpoint is its ability to publish information
about the state of your git source code repository when the project was built. If a
git.properties file is contained in your jar the git.branch and git.commit
properties will be loaded.

For Maven users the spring-boot-starter-parent POM includes a pre-configured plugin to
generate a git.properties file. Simply add the following declaration to your POM:

A similar gradle-git plugin is also available
for Gradle users, although a little more work is required to generate the properties file.

36. Monitoring and management over HTTP

If you are developing a Spring MVC application, Spring Boot Actuator will auto-configure
all non-sensitive endpoints to be exposed over HTTP. The default convention is to use the
id of the endpoint as the URL path. For example, health is exposed as /health.

36.1 Exposing sensitive endpoints

If you use “Spring Security” sensitive endpoints will be exposed over HTTP, but also
protected. By default “basic” authentication will be used with the username user
and a generated password (which is printed on the console when the application starts).

You can use Spring properties to change the username and password and to change the
security role required to access the endpoints. For example, you might set the following
in your application.properties:

36.2 Customizing the management server context path

Sometimes it is useful to group all management endpoints under a single path. For example,
your application might already use /info for another purpose. You can use the
management.contextPath property to set a prefix for your management endpoint:

management.context-path=/manage

The application.properties example above will change the endpoint from /{id} to
/manage/{id} (e.g. /manage/info).

36.3 Customizing the management server port

Exposing management endpoints using the default HTTP port is a sensible choice for cloud
based deployments. If, however, your application runs inside your own data center you
may prefer to expose endpoints using a different HTTP port.

The management.port property can be used to change the HTTP port.

management.port=8081

Since your management port is often protected by a firewall, and not exposed to the public
you might not need security on the management endpoints, even if your main application is
secure. In that case you will have Spring Security on the classpath, and you can disable
management security like this:

management.security.enabled=false

(If you don’t have Spring Security on the classpath then there is no need to explicitly
disable the management security in this way, and it might even break the application.)

36.4 Customizing the management server address

You can customize the address that the management endpoints are available on by
setting the management.address property. This can be useful if you want to
listen only on an internal or ops-facing network, or to only listen for connections from
localhost.

Note

You can only listen on a different address if the port is different to the
main server port.

Here is an example application.properties that will not allow remote management
connections:

management.port=8081
management.address=127.0.0.1

36.5 Disabling HTTP endpoints

If you don’t want to expose endpoints over HTTP you can set the management port to -1:

37.1 Customizing MBean names

The name of the MBean is usually generated from the id of the endpoint. For example
the health endpoint is exposed as org.springframework.boot/Endpoint/HealthEndpoint.

If your application contains more than one Spring ApplicationContext you may find that
names clash. To solve this problem you can set the endpoints.jmx.uniqueNames property
to true so that MBean names are always unique.

You can also customize the JMX domain under which endpoints are exposed. Here is an
example application.properties:

endpoints.jmx.domain=myapp
endpoints.jmx.uniqueNames=true

37.2 Disabling JMX endpoints

If you don’t want to expose endpoints over JMX you can set the spring.jmx.enabled
property to false:

spring.jmx.enabled=false

37.3 Using Jolokia for JMX over HTTP

Jolokia is a JMX-HTTP bridge giving an alternative method of accessing JMX beans. To
use Jolokia, simply include a dependency to org.jolokia:jolokia-core. For example,
using Maven you would add the following:

Jolokia can then be accessed using /jolokia on your management HTTP server.

37.3.1 Customizing Jolokia

Jolokia has a number of settings that you would traditionally configure using servlet
parameters. With Spring Boot you can use your application.properties, simply prefix the
parameter with jolokia.config.:

jolokia.config.debug=true

37.3.2 Disabling Jolokia

If you are using Jolokia but you don’t want Spring Boot to configure it, simply set the
endpoints.jolokia.enabled property to false:

endpoints.jolokia.enabled=false

38. Monitoring and management using a remote shell

Spring Boot supports an integrated Java shell called “CRaSH”. You can use CRaSH to
ssh or telnet into your running application. To enable remote shell support add a
dependency to spring-boot-starter-remote-shell:

If you want to also enable telnet access your will additionally need a dependency
on org.crsh:crsh.shell.telnet.

38.1 Connecting to the remote shell

By default the remote shell will listen for connections on port 2000. The default user
is user and the default password will be randomly generated and displayed in the log
output. If your application is using Spring Security, the shell will use
the same configuration by default. If not, a simple
authentication will be applied and you should see a message like this:

Type help for a list of commands. Spring boot provides metrics, beans, autoconfig
and endpoint commands.

38.1.1 Remote shell credentials

You can use the shell.auth.simple.user.name and shell.auth.simple.user.password properties
to configure custom connection credentials. It is also possible to use a
“Spring Security” AuthenticationManager to handle login duties. See the
CrshAutoConfiguration
and ShellProperties
Javadoc for full details.

38.2 Extending the remote shell

The remote shell can be extended in a number of interesting ways.

38.2.1 Remote shell commands

You can write additional shell commands using Groovy or Java (see the CRaSH documentation
for details). By default Spring Boot will search for commands in the following locations:

classpath*:/commands/**

classpath*:/crash/commands/**

Tip

You can change the search path by settings a shell.commandPathPatterns property.

Here is a simple “hello world” command that could be loaded from
src/main/resources/commands/hello.groovy

39. Metrics

Spring Boot Actuator includes a metrics service with “gauge” and “counter” support.
A “gauge” records a single value; and a “counter” records a delta (an increment or
decrement). Metrics for all HTTP requests are automatically recorded, so if you hit the
metrics endpoint should should see a response similar to this:

Here we can see basic memory, heap, class loading, processor and thread pool
information along with some HTTP metrics. In this instance the root (“/”) and /metrics
URLs have returned HTTP 200 responses 20 and 3 times respectively. It also appears
that the root URL returned HTTP 401 (unauthorized) 4 times. The double asterix (**)
comes from a request matched by Spring MVC as /** (normally a static resource).

The gauge shows the last response time for a request. So the last request to root took
2ms to respond and the last to /metrics took 3ms.

Note

In this example we are actually accessing the endpoint over HTTP using the
/metrics URL, this explains why metrics appears in the response.

39.1 Recording your own metrics

To record your own metrics inject a
CounterService and/or
GaugeService into
your bean. The CounterService exposes increment, decrement and reset methods; the
GaugeService provides a submit method.

Here is a simple example that counts the number of times that a method is invoked:

You can use any string as a metric name but you should follow guidelines of your chosen
store/graphing technology. Some good guidelines for Graphite are available on
Matt Aimonetti’s Blog.

39.2 Metric repositories

Metric service implementations are usually bound to a
MetricRepository.
A MetricRepository is responsible for storing and retrieving metric information. Spring
Boot provides an InMemoryMetricRepository and a RedisMetricRepository out of the
box (the in-memory repository is the default) but you can also write your own. The
MetricRepository interface is actually composed of higher level MetricReader and
MetricWriter interfaces. For full details refer to the
Javadoc.

There’s nothing to stop you hooking a MetricRepository with back-end storage directly
into your app, but we recommend using the default InMemoryMetricRepository
(possibly with a custom Map instance if you are worried about heap usage) and
populating a back-end repository through a scheduled export job. In that way you get
some buffering in memory of the metric values and you can reduce the network
chatter by exporting less frequently or in batches. Spring Boot provides
an Exporter interface and a few basic implementations for you to get started with that.

39.3 Coda Hale Metrics

User of the Coda Hale “Metrics” library will automatically
find that Spring Boot metrics are published to com.codahale.metrics.MetricRegistry. A
default com.codahale.metrics.MetricRegistry Spring bean will be created when you declare
a dependency to the com.codahale.metrics:metrics-core library; you can also register you
own @Bean instance if you need customizations.

39.4 Message channel integration

If the “Spring Messaging” jar is on your classpath a MessageChannel called
metricsChannel is automatically created (unless one already exists). All metric update
events are additionally published as “messages” on that channel. Additional analysis or
actions can be taken by clients subscribing to that channel.

40. Auditing

Spring Boot Actuator has a flexible audit framework that will publish events once Spring
Security is in play (“authentication success”, “failure” and “access denied”
exceptions by default). This can be very useful for reporting, and also to implement a
lock-out policy based on authentication failures.

You can also choose to use the audit services for your own business events. To do that
you can either inject the existing AuditEventRepository into your own components and
use that directly, or you can simply publish AuditApplicationEvent via the Spring
ApplicationEventPublisher (using ApplicationEventPublisherAware).

41. Tracing

Tracing is automatically enabled for all HTTP requests. You can view the trace endpoint
and obtain basic information about the last few requests:

41.1 Custom tracing

If you need to trace additional events you can inject a
TraceRepository into your
Spring Beans. The add method accepts a single Map structure that will be converted to
JSON and logged.

By default an InMemoryTraceRepository will be used that stores the last 100 events. You
can define your own instance of the InMemoryTraceRepository bean if you need to expand
the capacity. You can also create your own alternative TraceRepository implementation
if needed.

42. Process monitoring

In Spring Boot Actuator you can find ApplicationPidListener which creates file
containing application PID (by default in application directory and file name is
application.pid). It’s not activated by default, but you can do it in two simple
ways described below.

Part VI. Deploying to the cloud

Spring Boot’s executable jars are ready-made for most popular cloud PaaS
(platform-as-a-service) providers. These providers tend to require that you
`bring your own container'; they manage application processes (not Java applications
specifically), so they need some intermediary layer that adapts your application to the
cloud’s notion of a running process.

Two popular cloud providers, Heroku and Cloud Foundry, employ a “buildpack” approach.
The buildpack wraps your deployed code in whatever is needed to start your
application: it might be a JDK and a call to java, it might be an embedded webserver,
or it might be a full fledged application server. A buildpack is pluggable, but ideally
you should be able to get by with as few customizations to it as possible.
This reduces the footprint of functionality that is not under your control. It minimizes
divergence between deployment and production environments.

Ideally, your application, like a Spring Boot executable jar, has everything that it needs
to run packaged within it.

44. Cloud Foundry

Cloud Foundry provides default buildpacks that come into play if no other buildpack is
specified. The Cloud Foundry Java buildpack
has excellent support for Spring applications, including Spring Boot. You can deploy
stand-alone executable jar applications, as well as traditional .war packaged
applications.

Once Cloud Foundry acknowledges that your application has been deployed, you should be
able to hit the application at the URI given, in this case
http://acloudyspringtime.cfapps.io/.

44.1 Binding to services

By default, meta-data about the running application as well as service connection
information is exposed to the application as environment variables (for example:
$VCAP_SERVICES). This architecture decision is due to Cloud Foundry’s polyglot
(any language and platform can be supported as a buildpack) nature; process-scoped
environment variables are language agnostic.

Environment variables don’t always make for the easiest API so Spring Boot automatically
extracts them and flattens the data into properties that can be accessed through
Spring’s Environment abstraction:

All Cloud Foundry properties are prefixed with vcap. You can use vcap properties to
access application information (such as the public URL of the application) and service
information (such as database credentials). See VcapApplicationListener Javdoc for
complete details.

Tip

The Spring Cloud project is a better
fit for tasks such as configuring a DataSource; it also lets you use Spring Cloud with
Heroku.

45. Heroku

Heroku is another popular PaaS platform. To customize Heroku builds, you provide a
Procfile, which provides the incantation required to deploy an application. Heroku
assigns a port for the Java application to use and then ensures that routing to the
external URI works.

You must configure your application to listen on the correct port. Here’s the Procfile
for our starter REST application:

Spring Boot makes -D arguments available as properties accessible from a Spring
Environment instance. The server.port configuration property is fed to the embedded
Tomcat or Jetty instance which then uses it when it starts up. The $PORT environment
variable is assigned to us by the Heroku PaaS.

Heroku by default will use Java 1.6. This is fine as long as your Maven or Gradle build
is set to use the same version (Maven users can use the java.version property). If you
want to use JDK 1.7, create a new file adjacent to your pom.xml and Procfile,
called system.properties. In this file add the following:

java.runtime.version=1.7

This should be everything you need. The most common workflow for Heroku deployments is to
git push the code to production.

46. CloudBees

CloudBees provides cloud-based “continuous integration” and “continuous delivery”
services as well as Java PaaS hosting. Sean Gilligan
has contributed an excellent
Spring Boot
sample application to the CloudBees community GitHub repository. The project includes
an extensive README
that covers the steps that you need to follow when deploying to CloudBees.

47. Openshift

Openshift is the RedHat public (and enterprise) PaaS solution.
Like Heroku, it works by running scripts triggered by git commits, so you can script
the launching of a Spring Boot application in pretty much any way you like as long as the
Java runtime is available (which is a standard feature you can ask for at Openshift).
To do this you can use the
DIY Cartridge and hooks in your
repository under .openshift/action_scripts:

The basic model is to:

Ensure Java and your build tool are installed remotely, e.g. using a pre_build hook
(Java and Maven are installed by default, Gradle is not)

48. What to read next

Check out the Cloud Foundry, Heroku
and CloudBees web sites for more information about the kinds of
features that a PaaS can offer. These are just three of the most popular Java PaaS
providers, since Spring Boot is so amenable to cloud-based deployment you’re free to
consider other providers as well.

Part VII. Spring Boot CLI

The Spring Boot CLI is a command line tool that can be used if you want to quickly
prototype with Spring. It allows you to run Groovy scripts, which means that you have a
familiar Java-like syntax, without so much boilerplate code.

49. Installing the CLI

The Spring Boot CLI can be installed manually; using GVM (the Groovy Environment
Manually) or using Homebrew if you are an OSX user. See
Section 9.2, “Installing the Spring Boot CLI”
in the “Getting started” section for comprehensive installation instructions.

50. Using the CLI

Once you have installed the CLI you can run it by typing spring. If you run spring
without any arguments, a simple help screen is displayed:

50.1.1 Deduced “grab” dependencies

Standard Groovy includes a @Grab annotation which allows you to declare dependencies
on a third-party libraries. This useful technique allows Groovy to download jars in the
same way as Maven or Gradle would; but without requiring you to use a build tool.

Spring Boot extends this technique further, and will attempt to deduce which libraries
to “grab” based on your code. For example, since the WebApplication code above uses
@RestController annotations, “Tomcat” and “Spring MVC” will be grabbed.

The following items are used as “grab hints”:

Items

Grabs

JdbcTemplate, NamedParameterJdbcTemplate, DataSource

JDBC Application.

@EnableJmsMessaging

JMS Application.

@Test

JUnit.

@EnableRabbitMessaging

RabbitMQ.

@EnableReactor

Project Reactor.

extends Specification

Spock test.

@EnableBatchProcessing

Spring Batch.

@MessageEndpoint@EnableIntegrationPatterns

Spring Integration.

@EnableDeviceResolver

Spring Mobile.

@Controller@RestController@EnableWebMvc

Spring MVC + Embedded Tomcat.

@EnableWebSecurity

Spring Security.

@EnableTransactionManagement

Spring Transaction Management.

Tip

See subclasses of
CompilerAutoConfiguration
in the Spring Boot CLI source code to understand exactly how customizations are applied.

50.1.2 Deduced “grab” coordinates

Spring Boot extends Groovy’s standard @Grab support by allowing you to specify a dependency
without a group or version, for example @Grab('freemarker'). This will consult Spring Boot’s
default dependency metadata to deduce the artifact’s group and version. Note that the default
metadata is tied to the version of the CLI that you’re using – it will only change when you move
to a new version of the CLI, putting you in control of when the versions of your dependencies
may change. A table showing the dependencies and their versions that are included in the default
metadata can be found in the appendix.

Custom “grab” metadata

Spring Boot provides a new annotation, @GrabMetadata that can be used to provide custom
dependency metadata that overrides Spring Boot’s defaults. This metadata is specified by
using this annotation to provide the coordinates of one or more properties files (deployed
to a Maven repository with a "type" identifier: "properties"). For example
@GrabMetadata(['com.example:versions-one:1.0.0', 'com.example.versions-two:1.0.0']) will
pick up files in a Maven repository in "com/example/versions-/1.0.0/versions--1.0.0.properties". The
properties files are applied in the order that they’re specified. In the example above, this
means that properties in versions-two will override properties in versions-one. Each entry
in each properties file must be in the form group:module=version. You can use @GrabMetadata
anywhere that you can use @Grab, however, to ensure consistent ordering of the metadata, you
can only use @GrabMetadata at most once in your application. A useful source of dependency
metadata (a superset of Spring Boot) is the Spring IO Platform, e.g.
@GrabMetadata('io.spring.platform:platform-versions:1.0.0.RELEASE').

50.1.3 Default import statements

To help reduce the size of your Groovy code, several import statements are
automatically included. Notice how the example above refers to @Component,
@RestController and @RequestMapping without needing to use
fully-qualified names or import statements.

Tip

Many Spring annotations will work without using import statements. Try running
your application to see what fails before adding imports.

50.1.4 Automatic main method

Unlike the equivalent Java application, you do not need to include a
public static void main(String[] args) method with your Groovy scripts. A
SpringApplication is automatically created, with your compiled code acting as the
source.

50.2 Testing your code

The test command allows you to compile and run tests for your application. Typical
usage looks like this:

In this example, tests.groovy contains JUnit @Test methods or Spock Specification
classes. All the common framework annotations and static methods should be available to
you without having to import them.

If you have more than one test source files, you might prefer to organize them
into a test directory.

50.3 Applications with multiple source files

You can use “shell globbing” with all commands that accept file input. This allows you
to easily use multiple files from a single directory, e.g.

$ spring run *.groovy

This technique can also be useful if you want to segregate your “test” or “spec” code
from the main application code:

$ spring test app/*.groovy test/*.groovy

50.4 Packaging your application

You can use the jar command to package your application into a self-contained
executable jar file. For example:

$ spring jar my-app.jar *.groovy

The resulting jar will contain the classes produced by compiling the application and all
of the application’s dependencies so that it can then be run using java -jar. The jar
file will also contain entries from the application’s classpath. You can add explicit
paths to the jar using --include and --exclude (both are comma separated, and both
accept prefixes to the values “+” and “-” to signify that they should be removed from
the defaults). The default includes are

public/**, resources/**, static/**, templates/**, META-INF/**, *

and the default excludes are

.*, repository/**, build/**, target/**, **/*.jar, **/*.groovy

See the output of spring help jar for more information.

50.5 Using the embedded shell

Spring Boot includes command-line completion scripts for BASH and zsh shells. If you
don’t use either of these shells (perhaps you are a Windows user) then you can use the
shell command to launch an integrated shell.

The embedded shell supports ANSI color output as well as tab completion. If you need
to run a native command you can use the $ prefix. Hitting ctrl-c will exit the
embedded shell.

51. Developing application with the Groovy beans DSL

Spring Framework 4.0 has native support for a beans{} “DSL” (borrowed from
Grails), and you can embed bean definitions in your Groovy
application scripts using the same format. This is sometimes a good way to include
external features like middleware declarations. For example:

You can mix class declarations with beans{} in the same file as long as they stay at
the top level, or you can put the beans DSL in a separate file if you prefer.

52. What to read next

There are some sample groovy
scripts available from the GitHub repository that you can use to try out the
Spring Boot CLI. There is also extensive javadoc throughout the
source code.

If you find that you reach the limit of the CLI tool, you will probably want to look
at converting your application to full Gradle or Maven built “groovy project”. The
next section covers Spring Boot’s
Build tool plugins that you can
use with Gradle or Maven.

Part VIII. Build tool plugins

Spring Boot provides build tool plugins for Maven and Gradle. The plugins offer a
variety of features, including the packaging of executable jars. This section provides
more details on both plugins, as well as some help should you need to extend an
unsupported build system. If you are just getting started, you might want to read
“Chapter 12, Build systems” from the
Part III, “Using Spring Boot” section first.

53. Spring Boot Maven plugin

The Spring Boot Maven Plugin provides Spring Boot
support in Maven, allowing you to package executable jar or war archives and run an
application “in-place”. To use it you must be using Maven 3 (or better).

This configuration will repackage a jar or war that is built during the package phase of
the Maven lifecycle. The following example shows both the repackaged jar, as well as the
original jar, in the target directory:

53.2 Packaging executable jar and war files

Once spring-boot-maven-plugin has been included in your pom.xml it will automatically
attempt to rewrite archives to make them executable using the spring-boot:repackage
goal. You should configure your project to build a jar or war (as appropriate) using the
usual packaging element:

Your existing archive will be enhanced by Spring Boot during the package phase. The
main class that you want to launch can either be specified using a configuration option,
or by adding a Main-Class attribute to the manifest in the usual way. If you don’t
specify a main class the plugin will search for a class with a
public static void main(String[] args) method.

To build and run a project artifact, you can type the following:

$ mvn package
$ java -jar target/mymodule-0.0.1-SNAPSHOT.jar

To build a war file that is both executable and deployable into an external container you
need to mark the embedded container dependencies as “provided”, e.g:

Advanced configuration options and examples are available in the
plugin info page.

54. Spring Boot Gradle plugin

The Spring Boot Gradle Plugin provides Spring Boot support in Gradle, allowing you to
package executable jar or war archives, run Spring Boot applications and omit version
information from your build.gradle file for “blessed” dependencies.

54.1 Including the plugin

To use the Spring Boot Gradle Plugin simply include a buildscript dependency and apply
the spring-boot plugin:

54.2 Declaring dependencies without versions

The spring-boot plugin will register a custom Gradle ResolutionStrategy with your
build that allows you to omit version numbers when declaring dependencies to “blessed”
artifacts. To make use of this functionality, simply declare dependencies in the usual way,
but leave the version number empty:

The version of the spring-boot gradle plugin that you declare determines the
actual versions of the “blessed” dependencies (this ensures that builds are always
repeatable). You should always set the version of the spring-boot gradle plugin to the
actual Spring Boot version that you wish to use. Details of the versions that are
provided can be found in the appendix.

The spring-boot plugin will only supply a version where one is not specified. To
use a version of an artifact that differs from the one that the plugin would provide,
simply specify the version when you declare the dependency as you usually would. For
example:

54.2.1 Custom version management

If is possible to customize the versions used by the ResolutionStrategy if you need
to deviate from Spring Boot’s “blessed” dependencies. Alternative version meta-data
is consulted using the versionManagement configuration. For example:

Version information needs to be published to a repository as a .properties file. For
the above example mycorp-versions.properties file might contain the following:

org.springframework.data\:spring-data-hadoop=2.0.0.RELEASE

The properties file takes precedence over Spring Boot’s defaults, and can be used
to override version numbers if necessary.

54.3 Default exclude rules

Gradle handles “exclude rules” in a slightly different way to Maven which can cause
unexpected results when using the starter POMs. Specifically, exclusions declared on
a dependency will not be applied when the dependency can be reached though a different
path. For example, if a starter POM declares the following:

The commons-logging jar will not be excluded by Gradle because it is pulled in
transitively via spring-context (spring-context → spring-core → commons-logging)
which does not have an exclusion element.

To ensure that correct exclusions are actually applied, the Spring Boot Gradle plugin will
automatically add exclusion rules. All exclusions defined in the
spring-boot-dependencies POM and implicit rules for the “starter” POMs will be added.

If you don’t want exclusion rules automatically applied you can use the following
configuration:

springBoot {
applyExcludeRules=false
}

54.4 Packaging executable jar and war files

Once the spring-boot plugin has been applied to your project it will automatically
attempt to rewrite archives to make them executable using the bootRepackage task. You
should configure your project to build a jar or war (as appropriate) in the usual way.

The main class that you want to launch can either be specified using a configuration
option, or by adding a Main-Class attribute to the manifest. If you don’t specify a
main class the plugin will search for a class with a
public static void main(String[] args) method.

To build and run a project artifact, you can type the following:

$ gradle build
$ java -jar build/libs/mymodule-0.0.1-SNAPSHOT.jar

To build a war file that is both executable and deployable into an external container,
you need to mark the embedded container dependencies as belonging to a configuration
named “providedRuntime”, e.g:

54.5 Running a project in-place

To run a project in place without building a jar first you can use the “bootRun” task:

$ gradle bootRun

Running this way makes your static classpath resources (i.e. in src/main/resources by
default) reloadable in the live application, which can be helpful at development time.

54.6 Spring Boot plugin configuration

The gradle plugin automatically extends your build script DSL with a springBoot element
for global configuration of the Boot plugin. Set the appropriate properties as you would
with any other Gradle extension (see below for a list of configuration options):

springBoot {
backupSource = false
}

54.7 Repackage configuration

The plugin adds a bootRepackage task which you can also configure directly, e.g.:

bootRepackage {
mainClass = 'demo.Application'
}

The following configuration options are available:

Name

Description

enabled

Boolean flag to switch the repackager off (sometimes useful if you
want the other Boot features but not this one)

mainClass

The main class that should be run. If not specified the mainClassName project property
will be used or, if the no mainClassName id defined the archive will be searched for a
suitable class. "Suitable" means a unique class with a well-formed main() method (if
more than one is found the build will fail). You should also be able to specify the main
class name via the "run" task (main property) and/or the "startScripts"
(mainClassName property) as an alternative to using the "springBoot" configuration.

classifier

A file name segment (before the extension) to add to the archive, so that the original is
preserved in its original location. Defaults to null in which case the archive is
repackaged in place. The default is convenient for many purposes, but if you want to use
the original jar as a dependency in another project, it’s best to use an extension to
define the executable archive.

withJarTask

The name or value of the Jar task (defaults to all tasks of type Jar) which is used
to locate the archive to repackage.

customConfiguration

The name of the custom configuration whuch is used to populate the nested lib directory
(without specifying this you get all compile and runtime dependencies).

54.8 Repackage with custom Gradle configuration

Sometimes it may be more appropriate to not package default dependencies resolved from
compile, runtime and provided scopes. If the created executable jar file
is intended to be run as it is, you need to have all dependencies nested inside it;
however, if the plan is to explode a jar file and run the main class manually, you may already
have some of the libraries available via CLASSPATH. This is a situation where
you can repackage your jar with a different set of dependencies.

Using a custom
configuration will automatically disable dependency resolving from
compile, runtime and provided scopes. Custom configuration can be either
defined globally (inside the springBoot section) or per task.

In above example, we created a new clientJar Jar task to package a customized
file set from your compiled sources. Then we created a new clientBoot
BootRepackage task and instructed it to work with only clientJar task and
mycustomconfiguration.

The configuration that we are referring to in BootRepackage is a normal
Gradle
configuration. In the above example we created a new configuration named
mycustomconfiguration instructing it to derive from a runtime and exclude the log4j
group. If the clientBoot task is executed, the repackaged boot jar will have all
dependencies from runtime but no log4j jars.

54.8.1 Configuration options

The following configuration options are available:

Name

Description

mainClass

The main class that should be run by the executable archive.

providedConfiguration

The name of the provided configuration (defaults to providedRuntime).

backupSource

If the original source archive should be backed-up before being repackaged (defaults
to true).

customConfiguration

The name of the custom configuration.

layout

The type of archive, corresponding to how the dependencies are laid out inside
(defaults to a guess based on the archive type).

requiresUnpack

A list of dependencies (in the form “groupId:artifactId” that must be unpacked from
fat jars in order to run. Items are still packaged into the fat jar, but they will be
automatically unpacked when it runs.

54.9 Understanding how the Gradle plugin works

When spring-boot is applied to your Gradle project a default task named bootRepackage
is created automatically. The bootRepackage task depends on Gradle assemble task, and
when executed, it tries to find all jar artifacts whose qualifier is empty (i.e. tests and
sources jars are automatically skipped).

Due to the fact that bootRepackage finds all created jar artifacts, the order of
Gradle task execution is important. Most projects only create a single jar file, so
usually this is not an issue; however, if you are planning to create a more complex
project setup, with custom Jar and BootRepackage tasks, there are few tweaks to
consider.

If you are just creating custom jar files from your project you can simply disable
default jar and bootRepackage tasks:

jar.enabled = false
bootRepackage.enabled = false

Another option is to instruct the default bootRepackage task to only work with a
default jar task.

bootRepackage.withJarTask = jar

If you have a default project setup where the main jar file is created and repackaged,
and you still want to create additional custom jars, you can combine your custom
repackage tasks together and use dependsOn so that the bootJars task will run after
the default bootRepackage task is executed:

All the above tweaks are usually used to avoid situations where an already created boot
jar is repackaged again. Repackaging an existing boot jar will not break anything, but
you may find that it includes unnecessary dependencies.

55. Supporting other build systems

If you want to use a build tool other than Maven or Gradle, you will likely need to develop
your own plugin. Executable jars need to follow a specific format and certain entries need
to be written in an uncompressed form (see the
executable jar format section
in the appendix for details).

The Spring Boot Maven and Gradle plugins both make use of spring-boot-loader-tools to
actually generate jars. You are also free to use this library directly yourself if you
need to.

55.1 Repackaging archives

To repackage an existing archive so that it becomes a self-contained executable archive
use org.springframework.boot.loader.tools.Repackager. The Repackager class takes a
single constructor argument that refers to an existing jar or war archive. Use one of the
two available repackage() methods to either replace the original file or write to a new
destination. Various settings can also be configured on the repackager before it is
run.

55.2 Nested libraries

When repackaging an archive you can include references to dependency files using the
org.springframework.boot.loader.tools.Libraries interface. We don’t provide any
concrete implementations of Libraries here as they are usually build system specific.

If your archive already includes libraries you can use Libraries.NONE.

55.3 Finding a main class

If you don’t use Repackager.setMainClass() to specify a main class, the repackager will
use ASM to read class files and attempt to find a suitable class
with a public static void main(String[] args) method. An exception is thrown if more
than one candidate is found.

56. What to read next

If you’re interested in how the build tool plugins work you can
look at the spring-boot-tools module on GitHub. More
technical details of the executable
jar format are covered in the appendix.

If you have specific build-related questions you can check out the
‘how-to’ guides.

Part IX. “How-to” guides

This section provides answers to some common “how do I do that…” type of questions
that often arise when using Spring Boot. This is by no means an exhaustive list, but it
does cover quite a lot.

If you are having a specific problem that we don’t cover here, you might want to check out
stackoverflow.com to see if someone has
already provided an answer; this is also a great place to ask new questions (please use
the spring-boot tag).

We’re also more than happy to extend this section; If you want to add a “how-to” you
can send us a pull request.

57. Spring Boot application

57.1 Troubleshoot auto-configuration

The Spring Boot auto-configuration tries its best to “do the right thing”, but
sometimes things fail and it can be hard to tell why.

There is a really useful AutoConfigurationReport available in any Spring Boot
ApplicationContext. You will see it if you enable DEBUG logging output. If you use
the spring-boot-actuator there is also an autoconfig endpoint that renders the report
in JSON. Use that to debug the application and see what features have been added (and
which not) by Spring Boot at runtime.

Many more questions can be answered by looking at the source code and the javadoc. Some
rules of thumb:

Look for classes called *AutoConfiguration and read their sources, in particular the
@Conditional* annotations to find out what features they enable and when. Add
--debug to the command line or a System property -Ddebug to get a log on the
console of all the autoconfiguration decisions that were made in your app. In a running
Actuator app look at the autoconfig endpoint (‘/autoconfig’ or the JMX equivalent) for
the same information.

Look for classes that are @ConfigurationProperties (e.g.
ServerProperties)
and read from there the available external configuration options. The
@ConfigurationProperties has a name attribute which acts as a prefix to external
properties, thus ServerProperties has prefix="server" and its configuration properties
are server.port, server.address etc. In a running Actuator app look at the
configprops endpoint.

Look for use of RelaxedEnvironment to pull configuration values explicitly out of the
Environment. It often is used with a prefix.

Look for @Value annotations that bind directly to the Environment. This is less
flexible than the RelaxedEnvironment approach, but does allow some relaxed binding,
specifically for OS environment variables (so CAPITALS_AND_UNDERSCORES are synonyms
for period.separated).

Look for @ConditionalOnExpression annotations that switch features on and off in
response to SpEL expressions, normally evaluated with place-holders resolved from the
Environment.

57.2 Customize the Environment or ApplicationContext before it starts

A SpringApplication has ApplicationListeners and ApplicationContextInitializers that
are used to apply customizations to the context or environment. Spring Boot loads a number
of such customizations for use internally from META-INF/spring.factories. There is more
than one way to register additional ones:

Programmatically per application by calling the addListeners and addInitializers
methods on SpringApplication before you run it.

Declaratively per application by setting context.initializer.classes or
context.listener.classes.

Declaratively for all applications by adding a META-INF/spring.factories and packaging
a jar file that the applications all use as a library.

The SpringApplication sends some special ApplicationEvents to the listeners (even
some before the context is created), and then registers the listeners for events published
by the ApplicationContext as well. See
Section 20.4, “Application events and listeners” in the
“Spring Boot features” section for a complete list.

You can use the ApplicationBuilder class to create parent/child ApplicationContext
hierarchies. See Section 20.3, “Fluent builder API”
in the “Spring Boot features” section for more information.

57.4 Create a non-web application

Not all Spring applications have to be web applications (or web services). If you want to
execute some code in a main method, but also bootstrap a Spring application to set up
the infrastructure to use, then it’s easy with the SpringApplication features of Spring
Boot. A SpringApplication changes its ApplicationContext class depending on whether it
thinks it needs a web application or not. The first thing you can do to help it is to just
leave the servlet API dependencies off the classpath. If you can’t do that (e.g. you are
running 2 applications from the same code base) then you can explicitly call
SpringApplication.setWebEnvironment(false), or set the applicationContextClass
property (through the Java API or with external properties).
Application code that you want to run as your business logic can be implemented as a
CommandLineRunner and dropped into the context as a @Bean definition.

58. Properties & configuration

58.1 Externalize the configuration of SpringApplication

A SpringApplication has bean properties (mainly setters) so you can use its Java API as
you create the application to modify its behavior. Or you can externalize the
configuration using properties in spring.main.*. E.g. in application.properties you
might have.

spring.main.web_environment=false
spring.main.show_banner=false

and then the Spring Boot banner will not be printed on startup, and the application will
not be a web application.

Note

The example above also demonstrates how flexible binding allows the use of
underscores (_) as well as dashes (-) in property names.

58.2 Change the location of external properties of an application

By default properties from different sources are added to the Spring Environment in a
defined order (see Chapter 21, Externalized Configuration in
the “Spring Boot features” section for the exact order).

A nice way to augment and modify this is to add @PropertySource annotations to your
application sources. Classes passed to the SpringApplication static convenience
methods, and those added using setSources() are inspected to see if they have
@PropertySources, and if they do, those properties are added to the Environment early
enough to be used in all phases of the ApplicationContext lifecycle. Properties added
in this way have precedence over any added using the default locations, but have lower
priority than system properties, environment variables or the command line.

You can also provide System properties (or environment variables) to change the behavior:

spring.config.name (SPRING_CONFIG_NAME), defaults to application as the root of
the file name.

spring.config.location (SPRING_CONFIG_LOCATION) is the file to load (e.g. a classpath
resource or a URL). A separate Environment property source is set up for this document
and it can be overridden by system properties, environment variables or the
command line.

No matter what you set in the environment, Spring Boot will always load
application.properties as described above. If YAML is used then files with the “.yml”
extension are also added to the list by default.

58.3 Use “short” command line arguments

Some people like to use (for example) --port=9000 instead of --server.port=9000 to
set configuration properties on the command line. You can easily enable this by using
placeholders in application.properties, e.g.

server.port=${port:8080}

Tip

If you are inheriting from the spring-boot-starter-parent POM, or if have enabled
maven filtering for the application.properties directly, you may want to change the
default filter token from ${*} since it conflicts with those placeholders.
You can either use @*@ (i.e. @[email protected] instead of ${maven.token}) or you can
configure the maven-resources-plugin to use
other delimiters.

Note

In this specific case the port binding will work in a PaaS environment like Heroku
and Cloud Foundry, since in those two platforms the PORT environment variable is set
automatically and Spring can bind to capitalized synonyms for Environment properties.

58.4 Use YAML for external properties

YAML is a superset of JSON and as such is a very convenient syntax for storing external
properties in a hierarchical format. E.g.

Create a file called application.yml and stick it in the root of your classpath, and
also add snakeyaml to your dependencies (Maven coordinates org.yaml:snakeyaml, already
included if you use the spring-boot-starter). A YAML file is parsed to a Java
Map<String,Object> (like a JSON object), and Spring Boot flattens the map so that it
is 1-level deep and has period-separated keys, a lot like people are used to with
Properties files in Java.

58.5 Set the active Spring profiles

The Spring Environment has an API for this, but normally you would set a System profile
(spring.profiles.active) or an OS environment variable (SPRING_PROFILES_ACTIVE). E.g.
launch your application with a -D argument (remember to put it before the main class
or jar archive):

In Spring Boot you can also set the active profile in application.properties, e.g.

spring.profiles.active=production

A value set this way is replaced by the System property or environment variable setting,
but not by the SpringApplicationBuilder.profiles() method. Thus the latter Java API can
be used to augment the profiles without changing the defaults.

58.6 Change configuration depending on the environment

A YAML file is actually a sequence of documents separated by --- lines, and each
document is parsed separately to a flattened map.

If a YAML document contains a spring.profiles key, then the profiles value
(comma-separated list of profiles) is fed into the Spring
Environment.acceptsProfiles() and if any of those profiles is active that document is
included in the final merge (otherwise not).

In this example the default port is 9000, but if the Spring profile “development” is
active then the port is 9001, and if “production” is active then it is 0.

The YAML documents are merged in the order they are encountered (so later values override
earlier ones).

To do the same thing with properties files you can use application-${profile}.properties
to specify profile-specific values.

58.7 Discover built-in options for external properties

Spring Boot binds external properties from application.properties (or .yml) (and
other places) into an application at runtime. There is not (and technically cannot be)
an exhaustive list of all supported properties in a single location because contributions
can come from additional jar files on your classpath.

A running application with the Actuator features has a configprops endpoint that shows
all the bound and bindable properties available through @ConfigurationProperties.

The appendix includes an application.properties example with a list of the most common properties supported by
Spring Boot. The definitive list comes from searching the source code for
@ConfigurationProperties and @Value annotations, as well as the occasional use of
RelaxedEnvironment.

59. Embedded servlet containers

59.1 Add a Servlet, Filter or ServletContextListener to an application

Servlet, Filter, ServletContextListener and the other listeners supported by the
Servlet spec can be added to your application as @Bean definitions. Be very careful that
they don’t cause eager initialization of too many other beans because they have to be
installed in the container very early in the application lifecycle (e.g. it’s not a good
idea to have them depend on your DataSource or JPA configuration). You can work around
restrictions like that by initializing them lazily when first used instead of on
initialization.

In the case of Filters and Servlets you can also add mappings and init parameters by
adding a FilterRegistrationBean or ServletRegistrationBean instead of or as well as
the underlying component.

59.2 Change the HTTP port

In a standalone application the main HTTP port defaults to 8080, but can be set with
server.port (e.g. in application.properties or as a System property). Thanks to
relaxed binding of Environment values you can also use SERVER_PORT (e.g. as an OS
environment variable).

To switch off the HTTP endpoints completely, but still create a WebApplicationContext,
use server.port=-1 (this is sometimes useful for testing).

59.3 Use a random unassigned HTTP port

To scan for a free port (using OS natives to prevent clashes) use server.port=0.

59.4 Discover the HTTP port at runtime

You can access the port the server is running on from log output or from the
EmbeddedWebApplicationContext via its EmbeddedServletContainer. The best way to get
that and be sure that it has initialized is to add a @Bean of type
ApplicationListener<EmbeddedServletContainerInitializedEvent> and pull the container
out of the event when it is published.

A really useful thing to do in is to use @IntegrationTest to set server.port=0
and then inject the actual (“local”) port as a @Value. For example:

59.5 Configure Tomcat

Generally you can follow the advice from
Section 58.7, “Discover built-in options for external properties” about
@ConfigurationProperties (ServerProperties is the main one here), but also look at
EmbeddedServletContainerCustomizer and various Tomcat specific *Customizers that you
can add in one of those. The Tomcat APIs are quite rich so once you have access to the
TomcatEmbeddedServletContainerFactory you can modify it in a number of ways. Or the
nuclear option is to add your own TomcatEmbeddedServletContainerFactory.

59.6 Terminate SSL in Tomcat

Use an EmbeddedServletContainerCustomizer and in that add a TomcatConnectorCustomizer
that sets up the connector to be secure:

59.8 Use Tomcat behind a front-end proxy server

Spring Boot will automatically configure Tomcat’s RemoteIpValve if it detects some
environment settings. This allows you to transparently use the standard x-forwarded-for
and x-forwarded-proto headers that most front-end proxy servers add.

You can switch on the valve by adding some entries to application.properties, e.g.

Alternatively, you can add the RemoteIpValve yourself by adding a
TomcatEmbeddedServletContainerFactory bean.

59.9 Use Jetty instead of Tomcat

The Spring Boot starters (spring-boot-starter-web in particular) use Tomcat as an
embedded container by default. You need to exclude those dependencies and include the
Jetty one instead. Spring Boot provides Tomcat and Jetty dependencies bundled together
as separate starters to help make this process as easy as possible.

59.10 Configure Jetty

Generally you can follow the advice from
Section 58.7, “Discover built-in options for external properties” about
@ConfigurationProperties (ServerProperties is the main one here), but also look at
EmbeddedServletContainerCustomizer. The Jetty APIs are quite rich so once you have
access to the JettyEmbeddedServletContainerFactory you can modify it in a number
of ways. Or the nuclear option is to add your own JettyEmbeddedServletContainerFactory.

59.11 Use Tomcat 8

Tomcat 8 works with Spring Boot, but the default is to use Tomcat 7 (so we can support
Java 1.6 out of the box). You should only need to change the classpath to use
Tomcat 8 for it to work. For example, using the starter poms in Maven:

As long as MyThing can be serialized by Jackson2 (e.g. a normal POJO or Groovy object)
then http://localhost:8080/thing will serve a JSON representation of it by default.
Sometimes in a browser you might see XML responses (but by default only if MyThing was
a JAXB object) because browsers tend to send accept headers that prefer XML.

60.2 Write an XML REST service

Since JAXB is in the JDK the same example as we used for JSON would work, as long as the
MyThing was annotated as @XmlRootElement:

To get the server to render XML instead of JSON you might have to send an
Accept: text/xml header (or use a browser).

60.3 Customize the Jackson ObjectMapper

Spring MVC (client and server side) uses HttpMessageConverters to negotiate content
conversion in an HTTP exchange. If Jackson is on the classpath you already get a default
converter with a vanilla ObjectMapper. Spring Boot has some features to make it easier
to customize this behavior.

The smallest change that might work is to just add beans of type
com.fasterxml.jackson.databind.Module to your context. They will be registered with the
default ObjectMapper and then injected into the default message converter. To replace
the default ObjectMapper completely, define a @Bean of that type and mark it as
@Primary.

In addition, if your context contains any beans of type ObjectMapper then all of the
Module beans will be registered with all of the mappers. So there is a global mechanism
for contributing custom modules when you add new features to your application.

Finally, if you provide any @Beans of type MappingJackson2HttpMessageConverter then
they will replace the default value in the MVC configuration. Also, a convenience bean is
provided of type HttpMessageConverters (always available if you use the default MVC
configuration) which has some useful methods to access the default and user-enhanced
message converters.

60.4 Customize the @ResponseBody rendering

Spring uses HttpMessageConverters to render @ResponseBody (or responses from
@RestController). You can contribute additional converters by simply adding beans of
that type in a Spring Boot context. If a bean you add is of a type that would have been
included by default anyway (like MappingJackson2HttpMessageConverter for JSON
conversions) then it will replace the default value. A convenience bean is provided of
type HttpMessageConverters (always available if you use the default MVC configuration)
which has some useful methods to access the default and user-enhanced message converters
(useful, for example if you want to manually inject them into a custom RestTemplate).

As in normal MVC usage, any WebMvcConfigurerAdapter beans that you provide can also
contribute converters by overriding the configureMessageConverters method, but unlike
with normal MVC, you can supply only additional converters that you need (because Spring
Boot uses the same mechanism to contribute its defaults). Finally, if you opt-out of the
Spring Boot default MVC configuration by providing your own @EnableWebMvc configuration,
then you can take control completely and do everything manually using
getMessageConverters from WebMvcConfigurationSupport.

60.5 Handling Multipart File Uploads

Spring Boot embraces the Servlet 3 javax.servlet.http.Part API to support uploading
files. By default Spring Boot configures Spring MVC with a maximum file of 1Mb per
file and a maximum of 10Mb of file data in a single request. You may override these
values, as well as the location to which intermediate data is stored (e.g., to the /tmp
directory) and the threshold past which data is flushed to disk by using the properties
exposed in the MultipartProperties class. If you want to specify that files be
unlimited, for example, set the multipart.maxFileSize property to -1.

The multipart support is helpful when you want to receive multipart encoded file data as
a @RequestParam-annotated parameter of type MultipartFile in a Spring MVC controller
handler method.

60.6 Switch off the Spring MVC DispatcherServlet

Spring Boot wants to serve all content from the root of your application / down. If you
would rather map your own servlet to that URL you can do it, but of course you may lose
some of the other Boot MVC features. To add your own servlet and map it to the root
resource just declare a @Bean of type Servlet and give it the special bean name
dispatcherServlet (You can also create a bean of a different type with that name if
you want to switch it off and not replace it).

60.7 Switch off the Default MVC configuration

The easiest way to take complete control over MVC configuration is to provide your own
@Configuration with the @EnableWebMvc annotation. This will leave all MVC
configuration in your hands.

60.8 Customize ViewResolvers

A ViewResolver is a core component of Spring MVC, translating view names in
@Controller to actual View implementations. Note that ViewResolvers are mainly
used in UI applications, rather than REST-style services (a View is not used to render
a @ResponseBody). There are many implementations of ViewResolver to choose from, and
Spring on its own is not opinionated about which ones you should use. Spring Boot, on the
other hand, installs one or two for you depending on what it finds on the classpath and
in the application context. The DispatcherServlet uses all the resolvers it finds in
the application context, trying each one in turn until it gets a result, so if you are
adding your own you have to be aware of the order and in which position your resolver is
added.

WebMvcAutoConfiguration adds the following ViewResolvers to your context:

An InternalResourceViewResolver with bean id “defaultViewResolver”. This one locates
physical resources that can be rendered using the DefaultServlet (e.g. static
resources and JSP pages if you are using those). It applies a prefix and a suffix to the
view name and then looks for a physical resource with that path in the servlet context
(defaults are both empty, but accessible for external configuration via
spring.view.prefix and spring.view.suffix). It can be overridden by providing a
bean of the same type.

A BeanNameViewResolver with id “beanNameViewResolver”. This is a useful member of the
view resolver chain and will pick up any beans with the same name as the View being
resolved. It shouldn’t be necessary to override or replace it.

A ContentNegotiatingViewResolver with id “viewResolver” is only added if there are
actually beans of type View present. This is a “master” resolver, delegating to all
the others and attempting to find a match to the “Accept” HTTP header sent by the
client. There is a useful
blog about ContentNegotiatingViewResolver
that you might like to study to learn more, and also look at the source code for detail.
You can switch off the auto-configured
ContentNegotiatingViewResolver by defining a bean named “viewResolver”.

If you use Thymeleaf you will also have a ThymeleafViewResolver with id
“thymeleafViewResolver”. It looks for resources by surrounding the view name with a
prefix and suffix (externalized to spring.thymeleaf.prefix and
spring.thymeleaf.suffix, defaults “classpath:/templates/” and “.html”
respectively). It can be overridden by providing a bean of the same name.

If you use FreeMarker you will also have a FreeMarkerViewResolver with id
“freeMarkerViewResolver”. It looks for resources in a loader path (externalized to
spring.freemarker.templateLoaderPath, default “classpath:/templates/”) by
surrounding the view name with a prefix and suffix (externalized to spring.freemarker.prefix
and spring.freemarker.suffix, with empty and “.ftl” defaults respectively). It can
be overridden by providing a bean of the same name.

If you use Groovy templates (actually if groovy-templates is on your classpath) you will
also have a Groovy TemplateViewResolver with id “groovyTemplateViewResolver”. It
looks for resources in a loader path by surrounding the view name with a prefix and
suffix (externalized to spring.groovy.template.prefix and
spring.groovy.template.suffix, defaults “classpath:/templates/” and “.tpl”
respectively). It can be overriden by providing a bean of the same name.

If you use Velocity you will also have a VelocityViewResolver with id “velocityViewResolver”.
It looks for resources in a loader path (externalized to spring.velocity.resourceLoaderPath,
default “classpath:/templates/”) by surrounding the view name with a prefix and suffix
(externalized to spring.velocity.prefix and spring.velocity.suffix, with empty and “.vm”
defaults respectively). It can be overridden by providing a bean of the same name.

61. Logging

Spring Boot has no mandatory logging dependence, except for the commons-logging API, of
which there are many implementations to choose from. To use Logback
you need to include it, and some bindings for commons-logging on the classpath. The
simplest way to do that is through the starter poms which all depend on
spring-boot-starter-logging. For a web application you only need
spring-boot-starter-web since it depends transitively on the logging starter.
For example, using Maven:

You can also set the location of a file to log to (in addition to the console) using
"logging.file".

To configure the more fine grained settings of a logging system you need to use the native
configuration format supported by the LoggingSystem in question. By default Spring Boot
picks up the native configuration from its default location for the system (e.g.
classpath:logback.xml for Logback), but you can set the location of the config file
using the "logging.config" property.

61.1 Configure Logback for logging

If you put a logback.xml in the root of your classpath it will be picked up from there.
Spring Boot provides a default base configuration that you can include if you just want
to set levels, e.g.

If you look at the default logback.xml in the spring-boot jar you will see that it uses
some useful System properties which the LoggingSystem takes care of creating for you.
These are:

${PID} the current process ID.

${LOG_FILE} if logging.file was set in Boot’s external configuration.

${LOG_PATH} if logging.path was set (representing a directory for
log files to live in).

Spring Boot also provides some nice ANSI colour terminal output on a console (but not in
a log file) using a custom Logback converter. See the default base.xml configuration
for details.

If Groovy is on the classpath you should be able to configure Logback with
logback.groovy as well (it will be given preference if present).

61.2 Configure Log4j for logging

Spring Boot supports Log4j for logging
configuration, but it has to be on the classpath. If you are using the starter poms for
assembling dependencies that means you have to exclude logback and then include log4j
instead. If you aren’t using the starter poms then you need to provide commons-logging
(at least) in addition to Log4j.

The simplest path to using Log4j is probably through the starter poms, even though it
requires some jiggling with excludes, e.g. in Maven:

The use of the log4j starter gathers together the dependencies for common logging
requirements (e.g. including having Tomcat use java.util.logging but configure the
output using Log4j). See the Actuator Log4j Sample for more detail and to see it in
action.

62. Data Access

62.1 Configure a DataSource

To override the default settings just define a @Bean of your own of type DataSource.
Spring Boot provides a utility builder class DataSourceBuilder that can be used
to create one of the standard ones (if it is on the classpath), or you can just create
your own, and bind it to a set of Environment properties e.g.

62.2 Configure Two DataSources

Creating more than one data source works the same as creating the first one. You might
want to mark one of them as @Primary if you are using the default auto-configuration for
JDBC or JPA (then that one will be picked up by any @Autowired injections).

62.3 Use Spring Data repositories

Spring Data can create implementations for you of @Repository interfaces of various
flavours. Spring Boot will handle all of that for you as long as those @Repositories
are included in the same package (or a sub-package) of your @EnableAutoConfiguration
class.

For many applications all you will need is to put the right Spring Data dependencies on
your classpath (there is a spring-boot-starter-data-jpa for JPA and a
spring-boot-starter-data-mongodb for Mongodb), create some repository interfaces to handle your
@Entity objects. Examples are in the JPA sample
or the Mongodb sample.

Spring Boot tries to guess the location of your @Repository definitions, based on the
@EnableAutoConfiguration it finds. To get more control, use the @EnableJpaRepositories
annotation (from Spring Data JPA).

62.4 Separate @Entity definitions from Spring configuration

Spring Boot tries to guess the location of your @Entity definitions, based on the
@EnableAutoConfiguration it finds. To get more control, you can use the @EntityScan
annotation, e.g.

62.5 Configure JPA properties

Spring Data JPA already provides some vendor-independent configuration options (e.g.
for SQL logging) and Spring Boot exposes those, and a few more for hibernate as external
configuration properties. The most common options to set are:

(Because of relaxed data binding hyphens or underscores should work equally well as
property keys.) The ddl-auto setting is a special case in that it has different
defaults depending on whether you are using an embedded database (create-drop) or not
(none). In addition all properties in spring.jpa.properties.* are passed through as
normal JPA properties (with the prefix stripped) when the local EntityManagerFactory is
created.

62.6 Use a custom EntityManagerFactory

To take full control of the configuration of the EntityManagerFactory, you need to add
a @Bean named “entityManagerFactory”. Spring Boot auto-configuration switches off its
entity manager based on the presence of a bean of that type.

62.7 Use Two EntityManagers

Even if the default EntityManagerFactory works fine, you will need to define a new one
because otherwise the presence of the second bean of that type will switch off the
default. To make it easy to do that you can use the convenient EntityManagerBuilder
provided by Spring Boot, or if you prefer you can just use the
LocalContainerEntityManagerFactoryBean directly from Spring ORM.

The configuration above almost works on its own. To complete the picture you need to
configure TransactionManagers for the two EntityManagers as well. One of them could
be picked up by the default JpaTransactionManager in Spring Boot if you mark it as
@Primary. The other would have to be explicitly injected into a new instance. Or you
might be able to use a JTA transaction manager spanning both.

62.8 Use a traditional persistence.xml

Spring doesn’t require the use of XML to configure the JPA provider, and Spring Boot
assumes you want to take advantage of that feature. If you prefer to use persistence.xml
then you need to define your own @Bean of type LocalEntityManagerFactoryBean (with
id “entityManagerFactory”, and set the persistence unit name there.

62.9 Use Spring Data JPA and Mongo repositories

Spring Data JPA and Spring Data Mongo can both create Repository implementations for you
automatically. If they are both present on the classpath, you might have to do some extra
configuration to tell Spring Boot which one (or both) you want to create repositories for
you. The most explicit way to do that is to use the standard Spring Data
@Enable*Repositories and tell it the location of your Repository interfaces
(where “*” is “Jpa” or “Mongo” or both).

There are also flags spring.data.*.repositories.enabled that you can use to switch the
auto-configured repositories on and off in external configuration. This is useful for
instance in case you want to switch off the Mongo repositories and still use the
auto-configured MongoTemplate.

The same obstacle and the same features exist for other auto-configured Spring Data
repository types (Elasticsearch, Solr). Just change the names of the annotations and flags
respectively.

63. Database initialization

An SQL database can be initialized in different ways depending on what your stack is. Or
of course you can do it manually as long as the database is a separate process.

63.1 Initialize a database using JPA

JPA has features for DDL generation, and these can be set up to run on startup against the
database. This is controlled through two external properties:

spring.jpa.generate-ddl (boolean) switches the feature on and off and is vendor
independent.

spring.jpa.hibernate.ddl-auto (enum) is a Hibernate feature that controls the
behavior in a more fine-grained way. See below for more detail.

63.2 Initialize a database using Hibernate

You can set spring.jpa.hibernate.ddl-auto explicitly and the standard Hibernate property
values are none, validate, update, create-drop. Spring Boot chooses a default
value for you based on whether it thinks your database is embedded (default create-drop)
or not (default none). An embedded database is detected by looking at the Connection
type: hsqldb, h2 and derby are embedded, the rest are not. Be careful when switching
from in-memory to a “real” database that you don’t make assumptions about the existence of
the tables and data in the new platform. You either have to set ddl-auto explicitly, or
use one of the other mechanisms to initialize the database.

In addition, a file named import.sql in the root of the classpath will be executed on
startup. This can be useful for demos and for testing if you are careful, but probably
not something you want to be on the classpath in production. It is a Hibernate feature
(nothing to do with Spring).

63.3 Initialize a database using Spring JDBC

Spring JDBC has a DataSource initializer feature. Spring Boot enables it by default and
loads SQL from the standard locations schema.sql and data.sql (in the root of the
classpath). In addition Spring Boot will load the schema-${platform}.sql
and data-${platform}.sql files (if present), where
platform is the value of spring.datasource.platform, e.g. you might choose to set
it to the vendor name of the database (hsqldb, h2, oracle, mysql,
postgresql etc.). Spring Boot enables the failfast feature of the Spring JDBC
initializer by default, so if the scripts cause exceptions the application will fail
to start. The script locations can be changed by setting spring.datasource.schema and
spring.datasource.data, and neither location will be processed if
spring.datasource.initialize=false.

To disable the failfast you can set spring.datasource.continueOnError=true. This can be
useful once an application has matured and been deployed a few times, since the scripts
can act as “poor man’s migrations” — inserts that fail mean that the data is already
there, so there would be no need to prevent the application from running, for instance.

If you want to use the schema.sql initialization in a JPA app (with
Hibernate) then ddl-auto=create-drop will lead to errors if
Hibernate tries to create the same tables. To avoid those errors set
ddl-auto explicitly to "" (preferable) or "none". Whether or not you use
ddl-auto=create-drop you can always use data.sql to initialize new
data.

63.4 Initialize a Spring Batch database

If you are using Spring Batch then it comes pre-packaged with SQL initialization scripts
for most popular database platforms. Spring Boot will detect your database type, and
execute those scripts by default, and in this case will switch the fail fast setting to
false (errors are logged but do not prevent the application from starting). This is
because the scripts are known to be reliable and generally do not contain bugs, so errors
are ignorable, and ignoring them makes the scripts idempotent. You can switch off the
initialization explicitly using spring.batch.initializer.enabled=false.

63.5 Use a higher level database migration tool

Spring Boot works fine with higher level migration tools Flyway
(SQL-based) and Liquibase (XML). In general we prefer
Flyway because it is easier on the eyes, and it isn’t very common to need platform
independence: usually only one or at most couple of platforms is needed.

63.5.1 Execute Flyway database migrations on startup

To automatically run Flyway database migrations on startup, add the
org.flywaydb:flyway-core to your classpath.

The migrations are scripts in the form V<VERSION>__<NAME>.sql (with <VERSION> an
underscore-separated version, e.g. “1” or “2_1”). By default they live in a folder
classpath:db/migration but you can modify that using flyway.locations (a list). See
the Flyway class from flyway-core for details of available settings like schemas etc. In
addition Spring Boot provides a small set of properties in
FlywayProperties
that can be used to disable the migrations, or switch off the location checking.

By default Flyway will autowire the (@Primary) DataSource in your context and
use that for migrations. If you like to use a different DataSource you can create
one and mark its @Bean as @FlywayDataSource - if you do that remember to create
another one and mark it as @Primary if you want 2 data sources.
Or you can use Flyway’s native DataSource by setting flyway.[url,user,password]
in external properties.

63.5.2 Execute Liquibase database migrations on startup

To automatically run Liquibase database migrations on startup, add the
org.liquibase:liquibase-core to your classpath.

The master change log is by default read from db/changelog/db.changelog-master.yaml but
can be set using liquibase.change-log. See
LiquibaseProperties
for details of available settings like contexts, default schema etc.

64. Batch applications

64.1 Execute Spring Batch jobs on startup

By default it executes allJobs in the application context on startup (see
JobLauncherCommandLineRunner
for details). You can narrow down to a specific job or jobs by specifying
spring.batch.job.names (comma separated job name patterns).

If the application context includes a JobRegistry then the jobs in
spring.batch.job.names are looked up in the registry instead of being autowired from the
context. This is a common pattern with more complex systems where multiple jobs are
defined in child contexts and registered centrally.

65. Actuator

65.1 Change the HTTP port or address of the actuator endpoints

In a standalone application the Actuator HTTP port defaults to the same as the main HTTP
port. To make the application listen on a different port set the external property
management.port. To listen on a completely different network address (e.g. if you have
an internal network for management and an external one for user applications) you can
also set management.address to a valid IP address that the server is able to bind to.

65.2 Customize the “whitelabel” error page

The Actuator installs a “whitelabel” error page that you will see in browser client if
you encounter a server error (machine clients consuming JSON and other media types should
see a sensible response with the right error code). To switch it off you can set
error.whitelabel.enabled=false, but normally in addition or alternatively to that you
will want to add your own error page replacing the whitelabel one. Exactly how you do this
depends on the templating technology that you are using. For example, if you are using
Thymeleaf you would add an error.html template and if you are using FreeMarker you would
add an error.ftl template. In general what you need is a View that resolves with a name
of error, and/or a @Controller that handles the /error path. Unless you replaced some
of the default configuration you should find a BeanNameViewResolver in your
ApplicationContext so a @Bean with id error would be a simple way of doing that.
Look at ErrorMvcAutoConfiguration for more options.

66. Security

66.1 Switch off the Spring Boot security configuration

If you define a @Configuration with @EnableWebSecurity anywhere in your application
it will switch off the default webapp security settings in Spring Boot. To tweak the
defaults try setting properties in security.* (see
SecurityProperties
for details of available settings) and SECURITY section of
Common application properties.

66.2 Change the AuthenticationManager and add user accounts

If you provide a @Bean of type AuthenticationManager the default one will not be
created, so you have the full feature set of Spring Security available (e.g.
various authentication options).

Spring Security also provides a convenient AuthenticationManagerBuilder which can be
used to build an AuthenticationManager with common options. The recommended way to
use this in a webapp is to inject it into a void method in a
WebSecurityConfigurerAdapter, e.g.

You will get the best results if you put this in a nested class, or a standalone class
(i.e. not mixed in with a lot of other @Beans that might be allowed to influence the
order of instantiation). The secure web sample
is a useful template to follow.

66.3 Enable HTTPS when running behind a proxy server

Ensuring that all your main endpoints are only available over HTTPS is an important
chore for any application. If you are using Tomcat as a servlet container, then
Spring Boot will add Tomcat’s own RemoteIpValve automatically if it detects some
environment settings, and you should be able to rely on the HttpServletRequest to
report whether it is secure or not (even downstream of a proxy server that handles the
real SSL termination). The standard behavior is determined by the presence or absence of
certain request headers (x-forwarded-for and x-forwarded-proto), whose names are
conventional, so it should work with most front end proxies. You can switch on the valve
by adding some entries to application.properties, e.g.

(The presence of either of those properties will switch on the valve. Or you can add the
RemoteIpValve yourself by adding a TomcatEmbeddedServletContainerFactory bean.)

Spring Security can also be configured to require a secure channel for all (or some
requests). To switch that on in a Spring Boot application you just need to set
security.require_https to true in application.properties.

67. Hot swapping

67.1 Reload static content

There are several options for hot reloading. Running in an IDE (especially with debugging
on) is a good way to do development (all modern IDEs allow reloading of static resources
and usually also hot-swapping of Java class changes). The
Maven and Gradle plugins also
support running from the command line with reloading of static files. You can use that
with an external css/js compiler process if you are writing that code with higher level
tools.

67.2 Reload Thymeleaf templates without restarting the container

If you are using Thymeleaf, then set spring.thymeleaf.cache to false. See
ThymeleafAutoConfiguration
for other Thymeleaf customization options.

67.3 Reload FreeMarker templates without restarting the container

If you are using FreeMarker, then set spring.freemarker.cache to false. See
FreeMarkerAutoConfiguration
for other FreeMarker customization options.

67.4 Reload Groovy templates without restarting the container

If you are using Groovy templates, then set spring.groovy.template.cache to false. See
GroovyTemplateAutoConfiguration
for other Groovy customization options.

67.5 Reload Velocity templates without restarting the container

If you are using Velocity, then set spring.velocity.cache to false. See
VelocityAutoConfiguration
for other Velocity customization options.

67.6 Reload Java classes without restarting the container

Modern IDEs (Eclipse, IDEA, etc.) all support hot swapping of bytecode, so if you make a
change that doesn’t affect class or method signatures it should reload cleanly with no
side effects.

Spring Loaded goes a little further in
that it can reload class definitions with changes in the method signatures. With some
customization it can force an ApplicationContext to refresh itself (but there is no
general mechanism to ensure that would be safe for a running application anyway, so it
would only ever be a development time trick probably).

67.6.1 Configuring Spring Loaded for use with Gradle and IntelliJ

You need to jump though a few hoops if you want to use Spring Loaded in combination with
Gradle and IntelliJ. By default, IntelliJ will compile classes into a different location
than Gradle, causing Spring Loaded monitoring to fail.

Intellij must be configured to use the same Java version as the command line Gradle
task and springloadedmust be included as a buildscript dependency.

You can also additionally enable “Make Project Automatically” inside Intellij to
automatically compile your code whenever a file is saved.

68. Build

68.1 Customize dependency versions with Maven

If you use a Maven build that inherits directly or indirectly from spring-boot-dependencies
(for instance spring-boot-starter-parent) but you want to override a specific
third-party dependency you can add appropriate <properties> elements. Browse
the spring-boot-dependencies
POM for a complete list of properties. For example, to pick a different slf4j version
you would add the following:

<properties><slf4j.version>1.7.5<slf4j.version></properties>

Note

this only works if your Maven project inherits (directly or indirectly) from
spring-boot-dependencies. If you have added spring-boot-dependencies in your
own dependencyManagement section with <scope>import</scope> you have to redefine
the artifact yourself instead of overriding the property .

Warning

Each Spring Boot release is designed and tested against a specific set of
third-party dependencies. Overriding versions may cause compatibility issues.

68.2 Create an executable JAR with Maven

The spring-boot-maven-plugin can be used to create an executable “fat” JAR. If you
are using the spring-boot-starter-parent POM you can simply declare the plugin and
your jars will be repackaged:

68.3 Create an additional executable JAR

If you want to use your project as a library jar for other projects to depend on, and in
addition have an executable (e.g. demo) version of it, you will want to configure the
build in a slightly different way.

For Maven the normal JAR plugin and the Spring Boot plugin both have a “classifier”
configuration that you can add to create an additional JAR. Example (using the Spring
Boot Starter Parent to manage the plugin versions and other configuration defaults):

Two jars are produced, the default one, and an executable one using the Boot plugin with
classifier “exec”.

For Gradle users the steps are similar. Example:

bootRepackage {
classifier = 'exec'
}

68.4 Extract specific libraries when an executable jar runs

Most nested libraries in an executable jar do not need to be unpacked in order to run,
however, certain libraries can have problems. For example, JRuby includes its own nested
jar support which assumes that the jruby-complete.jar is always directly available as a
file in its own right.

To deal with any problematic libraries, you can flag that specific nested jars should be
automatically unpacked to the “temp folder” when the executable jar first runs.

For example, to indicate that JRuby should be flagged for unpack using the Maven Plugin
you would add the following configuration:

68.5 Create a non-executable JAR with exclusions

Often if you have an executable and a non-executable jar as build products, the executable
version will have additional configuration files that are not needed in a library jar.
E.g. the application.yml configuration file might excluded from the non-executable JAR.

Here’s how to do that in Maven:

<build><plugins><plugin><groupId>org.springframework.boot</groupId><artifactId>spring-boot-maven-plugin</artifactId><configuration><classifier>exec</classifier></configuration></plugin><plugin><artifactId>maven-jar-plugin</artifactId><executions><execution><id>exec</id><phase>package</phase><goals><goal>jar</goal></goals><configuration><classifier>exec</classifier></configuration></execution><execution><phase>package</phase><goals><goal>jar</goal></goals><configuration><!-- Need this to ensure application.yml is excluded --><forceCreation>true</forceCreation><excludes><exclude>application.yml</exclude></excludes></configuration></execution></executions></plugin></plugins></build>

In Gradle you can create a new JAR archive with standard task DSL features, and then have
the bootRepackage task depend on that one using its withJarTask property:

68.8 Build an executable archive with Ant

To build with Ant you need to grab dependencies, compile and then create a jar or war
archive as normal. To make it executable:

Use the appropriate launcher as a Main-Class, e.g. JarLauncher for a jar file, and
specify the other properties it needs as manifest entries, principally a Start-Class.

Add the runtime dependencies in a nested “lib” directory (for a jar) and the
provided (embedded container) dependencies in a nested lib-provided directory.
Remember not to compress the entries in the archive.

Add the spring-boot-loader classes at the root of the archive (so the Main-Class
is available).

The Actuator Sample has a build.xml that should work if you run it with

$ ant -lib <path_to>/ivy-2.2.jar

after which you can run the application with

$ java -jar target/*.jar

69. Traditional deployment

69.1 Create a deployable war file

Use the SpringBootServletInitializer base class, which is picked up by Spring’s
Servlet 3.0 support on deployment. Add an extension of that to your project and build a
war file as normal. For more detail, see the
“Converting a jar Project to a war” guide
on the spring.io website and the sample below.

The war file can also be executable if you use the Spring Boot build tools. In that case
the embedded container classes (to launch Tomcat for instance) have to be added to the
war in a lib-provided directory. The tools will take care of that as long as the
dependencies are marked as “provided” in Maven or Gradle. Here’s a Maven example
in the Boot Samples.

69.2 Create a deployable war file for older servlet containers

Older Servlet containers don’t have support for the ServletContextInitializer bootstrap
process used in Servlet 3.0. You can still use Spring and Spring Boot in these containers
but you are going to need to add a web.xml to your application and configure it to load
an ApplicationContext via a DispatcherServlet.

69.3 Convert an existing application to Spring Boot

For a non-web application it should be easy (throw away the code that creates your
ApplicationContext and replace it with calls to SpringApplication or
SpringApplicationBuilder). Spring MVC web applications are generally amenable to first
creating a deployable war application, and then migrating it later to an executable war
and/or jar. Useful reading is in the Getting
Started Guide on Converting a jar to a war.

Create a deployable war by extending SpringBootServletInitializer (e.g. in a class
called Application), and add the Spring Boot @EnableAutoConfiguration annotation.
Example:

Remember that whatever you put in the sources is just a Spring ApplicationContext and
normally anything that already works should work here. There might be some beans you can
remove later and let Spring Boot provide its own defaults for them, but it should be
possible to get something working first.

Static resources can be moved to /public (or /static or /resources or
/META-INF/resources) in the classpath root. Same for messages.properties (Spring Boot
detects this automatically in the root of the classpath).

Vanilla usage of Spring DispatcherServlet and Spring Security should require no further
changes. If you have other features in your application, using other servlets or filters
for instance, then you may need to add some configuration to your Application context,
replacing those elements from the web.xml as follows:

A @Bean of type Servlet or ServletRegistrationBean installs that bean in the
container as if it was a <servlet/> and <servlet-mapping/> in web.xml.

A @Bean of type Filter or FilterRegistrationBean behaves similarly (like a
<filter/> and <filter-mapping/>.

An ApplicationContext in an XML file can be added to an @Import in your
Application. Or simple cases where annotation configuration is heavily used already
can be recreated in a few lines as @Bean definitions.

Once the war is working we make it executable by adding a main method to our
Application, e.g.

All of these should be amenable to translation, but each might require slightly different
tricks.

Servlet 3.0 applications might translate pretty easily if they already use the Spring
Servlet 3.0 initializer support classes. Normally all the code from an existing
WebApplicationInitializer can be moved into a SpringBootServletInitializer. If your
existing application has more than one ApplicationContext (e.g. if it uses
AbstractDispatcherServletInitializer) then you might be able to squash all your context
sources into a single SpringApplication. The main complication you might encounter is if
that doesn’t work and you need to maintain the context hierarchy. See the
entry on building a hierarchy for
examples. An existing parent context that contains web-specific features will usually
need to be broken up so that all the ServletContextAware components are in the child
context.

Applications that are not already Spring applications might be convertible to a Spring
Boot application, and the guidance above might help, but your mileage may vary.

Part X. Appendices

Appendix A. Common application properties

Various properties can be specified inside your application.properties/application.yml
file or as command line switches. This section provides a list common Spring Boot
properties and references to the underlying classes that consume them.

Note

Property contributions can come from additional jar files on your classpath so
you should not consider this an exhaustive list. It is also perfectly legit to define
your own properties.

Warning

This sample file is meant as a guide only. Do not copy/paste the entire
content into your application; rather pick only the properties that you need.

Appendix B. Auto-configuration classes

Here is a list of all auto configuration classes provided by Spring Boot with links to
documentation and source code. Remember to also look at the autoconfig report in your
application for more details of which features are switched on.
(start the app with --debug or -Ddebug, or in an Actuator application use the
autoconfig endpoint).

B.1 From the “spring-boot-autoconfigure” module

The following auto-configuration classes are from the spring-boot-autoconfigure module:

Appendix C. The executable jar format

The spring-boot-loader modules allows Spring Boot to support executable jar and
war files. If you’re using the Maven or Gradle plugin, executable jars are
automatically generated and you generally won’t need to know the details of how
they work.

If you need to create executable jars from a different build system, or if you are just
curious about the underlying technology, this section provides some background.

C.1 Nested JARs

Java does not provide any standard way to load nested jar files (i.e. jar files that
are themselves contained within a jar). This can be problematic if you are looking
to distribute a self contained application that you can just run from the command line
without unpacking.

To solve this problem, many developers use “shaded” jars. A shaded jar simply packages
all classes, from all jars, into a single uber jar. The problem with shaded jars is
that it becomes hard to see which libraries you are actually using in your application.
It can also be problematic if the the same filename is used (but with different content)
in multiple jars. Spring Boot takes a different approach and allows you to actually nest
jars directly.

C.1.1 The executable jar file structure

Spring Boot Loader compatible jar files should be structured in the following way:

Dependencies should be placed in a nested WEB-INF/lib directory. Any dependencies
that are required when running embedded but are not required when deploying to
a traditional web container should be placed in WEB-INF/lib-provided.

C.2 Spring Boot’s “JarFile” class

The core class used to support loading nested jars is
org.springframework.boot.loader.jar.JarFile. It allows you load jar
content from a standard jar file, or from nested child jar data. When first loaded, the
location of each JarEntry is mapped to a physical file offset of the outer jar:

The example above shows how A.class can be found in myapp.jar position 0063.
B.class from the nested jar can actually be found in myapp.jar position 3452
and B.class is at position 3980.

Armed with this information, we can load specific nested entries by simply seeking to
appropriate part if the outer jar. We don’t need to unpack the archive and we don’t
need to read all entry data into memory.

C.2.1 Compatibility with the standard Java “JarFile”

Spring Boot Loader strives to remain compatible with existing code and libraries.
org.springframework.boot.loader.jar.JarFile extends from java.util.jar.JarFile and
should work as a drop-in replacement. The RandomAccessJarFile.getURL() method will
return a URL that opens a java.net.JarURLConnection compatible connection.
RandomAccessJarFile URLs can be used with Java’s URLClassLoader.

C.3 Launching executable jars

The org.springframework.boot.loader.Launcher class is a special bootstrap class that
is used as an executable jars main entry point. It is the actual Main-Class in your jar
file and it’s used to setup an appropriate URLClassLoader and ultimately call your
main() method.

There are 3 launcher subclasses (JarLauncher, WarLauncher and PropertiesLauncher).
Their purpose is to load resources (.class files etc.) from nested jar files or war
files in directories (as opposed to explicitly on the classpath). In the case of the
[Jar|War]Launcher the nested paths are fixed (lib/*.jar and lib-provided/*.jar for
the war case) so you just add extra jars in those locations if you want more. The
PropertiesLauncher looks in lib/ by default, but you can add additional locations by
setting an environment variable LOADER_PATH or loader.path in application.properties
(comma-separated list of directories or archives).

C.3.1 Launcher manifest

You need to specify an appropriate Launcher as the Main-Class attribute of
META-INF/MANIFEST.MF. The actual class that you want to launch (i.e. the class that
you wrote that contains a main method) should be specified in the Start-Class
attribute.

For example, here is a typical MANIFEST.MF for an executable jar file:

You do not need to specify Class-Path entries in your manifest file, the classpath
will be deduced from the nested jars.

C.3.2 Exploded archives

Certain PaaS implementations may choose to unpack archives before they run. For example,
Cloud Foundry operates in this way. You can run an unpacked archive by simply starting
the appropriate launcher:

Boolean flag to indicate that all properties should be added to System properties
(defaults to false)

Manifest entry keys are formed by capitalizing initial letters of words and changing the
separator to "-" from "." (e.g. Loader-Path). The exception is loader.main which
is looked up as Start-Class in the manifest for compatibility with JarLauncher).

Environment variables can be capitalized with underscore separators instead of periods.

loader.home is the directory location of an additional properties file (overriding
the default) as long as loader.config.location is not specified.

Placeholder replacement is done from System and environment variables plus the
properties file itself on all values before use.

C.5 Executable jar restrictions

There are a number of restrictions that you need to consider when working with a Spring
Boot Loader packaged application.

C.5.1 Zip entry compression

The ZipEntry for a nested jar must be saved using the ZipEntry.STORED method. This
is required so that we can seek directly to individual content within the nested jar.
The content of the nested jar file itself can still be compressed, as can any other
entries in the outer jar.

C.5.2 System ClassLoader

Launched applications should use Thread.getContextClassLoader() when loading classes
(most libraries and frameworks will do this by default). Trying to load nested jar
classes via ClassLoader.getSystemClassLoader() will fail. Please be aware that
java.util.Logging always uses the system classloader, for this reason you should
consider a different logging implementation.

C.6 Alternative single jar solutions

If the above restrictions mean that you cannot use Spring Boot Loader the following
alternatives could be considered:

Appendix D. Dependency versions

The table below provides details of all of the dependency versions that are provided by Spring Boot
in its CLI, Maven dependency management and Gradle plugin. When you declare a dependency on one of
these artifacts without declaring a version the version that is listed in the table will be used.